27abc201f8ffc7eee0c90ac5319daffaa7683ef71fdc23ceadb8ee06a63cb12b | Triage

Submit
Reports

Overview

overview

1

Static

static

27abc201f8...2b.exe

windows7-x64

27abc201f8...2b.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

27abc201f8ffc7eee0c90ac5319daffaa7683ef71fdc23ceadb8ee06a63cb12b.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

27abc201f8ffc7eee0c90ac5319daffaa7683ef71fdc23ceadb8ee06a63cb12b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

27abc201f8ffc7eee0c90ac5319daffaa7683ef71fdc23ceadb8ee06a63cb12b
Size

25KB
MD5

1a97f2fd3be2bf40358ecd5a063ab1d0
SHA1

884283c0d6e28cbd3b5d14c5e811eec8f300668c
SHA256

27abc201f8ffc7eee0c90ac5319daffaa7683ef71fdc23ceadb8ee06a63cb12b
SHA512

ca1a85a53330736cb5993e2449762693ab6075bb2a43a90bb66088f9d603a00aadb83c86e82aeac0bd0b6da297fab1047dfced8f5eba75dedf502b7fc06501f9
SSDEEP

768:7wKiUFWDnisvuN98QSrexpxz1f4xhPeeA15Jqrh5e+XwYMVug/pKEBP:7wKR8nDv2bd5tR/B

Score

N/A

Malware Config

Signatures

Files

27abc201f8ffc7eee0c90ac5319daffaa7683ef71fdc23ceadb8ee06a63cb12b
.exe windows x86

8e0ba3a3de646d096982e027bc8d9f3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwQuerySystemInformation
KeDelayExecutionThread
ZwClose
ZwCreateKey
wcslen
swprintf
isxdigit
wcscat
wcscpy
atol
MmIsAddressValid
strncmp
IoGetCurrentProcess
_wcslwr
wcsncpy
PsGetVersion
_wcsnicmp
ZwOpenKey
ZwEnumerateKey
ZwSetValueKey
ZwCreateFile
RtlAnsiStringToUnicodeString
_snprintf
ExFreePool
ExAllocatePoolWithTag
RtlInitUnicodeString
ZwMapViewOfSection
ZwCreateSection
ZwOpenFile
ZwUnmapViewOfSection
toupper
IoRegisterDriverReinitialization
atoi
islower
PsTerminateSystemThread
PsCreateSystemThread
_stricmp
strncpy
PsLookupProcessByProcessId
srand
KeInitializeTimer
IofCompleteRequest
PsSetCreateProcessNotifyRoutine
isprint
isupper
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
DbgPrint

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 704B - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy