133029864b684827d099b5ba703c9508df47c1ceabce1480803a01c32912822b | Triage

Submit
Reports

Overview

overview

1

Static

static

133029864b...2b.exe

windows7-x64

133029864b...2b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

133029864b684827d099b5ba703c9508df47c1ceabce1480803a01c32912822b.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

133029864b684827d099b5ba703c9508df47c1ceabce1480803a01c32912822b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

133029864b684827d099b5ba703c9508df47c1ceabce1480803a01c32912822b
Size

30KB
MD5

a0e149877199fc429cfc4e8f1cd3edb0
SHA1

0a04721dd75d1b1ad6321bc9b4770382726b65e6
SHA256

133029864b684827d099b5ba703c9508df47c1ceabce1480803a01c32912822b
SHA512

4bc0c7798fb91bb155fcab6bd834c76d352b9423d9e997875bc4a0307e57bd00648fc6bfcd3344d5fc757da79d1503f324e16ce14dc62e9e05d9c0241175a934
SSDEEP

192:CRspyZd8jM2uN2XNqboQVWRdcMg+dHCP9zDHa57FGl9hwy4PZqDOgh:eHZ6juNSYAdFdiFU7q4PZqSg

Score

N/A

Malware Config

Signatures

Files

133029864b684827d099b5ba703c9508df47c1ceabce1480803a01c32912822b
.exe windows x86

b22d052eb22368805fada58abe5d51b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoGetCurrentProcess
strncmp
ObfDereferenceObject
PsLookupProcessByProcessId
PsGetCurrentProcessId
ObOpenObjectByPointer
ObReferenceObjectByHandle
KeSetEvent
ExFreePoolWithTag
KeGetCurrentThread
KeServiceDescriptorTable
memcpy
IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
_strnicmp
ExAllocatePoolWithTag
IoCreateSymbolicLink
IoCreateDevice
DbgPrint
memset
ZwClose
ProbeForRead
KeWaitForSingleObject
memmove
KeTickCount
KeBugCheckEx
IofCompleteRequest
PsSetCreateProcessNotifyRoutine
KeInitializeEvent
RtlUnwind

hal

ExAcquireFastMutex
ExReleaseFastMutex

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 938B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy