fa9f4a88b5b126f02636f968c3fa146eb58ee4df30e042d185650f0f3d22df7a | Triage

Submit
Reports

Overview

overview

1

Static

static

fa9f4a88b5...7a.dll

windows7-x64

1

fa9f4a88b5...7a.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

fa9f4a88b5b126f02636f968c3fa146eb58ee4df30e042d185650f0f3d22df7a.dll

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

fa9f4a88b5b126f02636f968c3fa146eb58ee4df30e042d185650f0f3d22df7a.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

fa9f4a88b5b126f02636f968c3fa146eb58ee4df30e042d185650f0f3d22df7a
Size

36KB
MD5

42bd6a910ae143b342eb866f4d2476d9
SHA1

77572c706b72732fa52463a0cd0ea5cd3ada7f02
SHA256

fa9f4a88b5b126f02636f968c3fa146eb58ee4df30e042d185650f0f3d22df7a
SHA512

6a9c6712e8c44a40d39a23943df2da52a73ad7f01e0c20d6f19322110009d4264b79a705aa0c7307c634e867c931fdf245431cf59bb60836a626f30cd33a6fa9
SSDEEP

768:kqJ+YY6bT/O3zcOe1wnUx5u3Znwn4ccc1Ug7QM:NJtdT/BODUx5u3un4cc6/

Score

N/A

Malware Config

Signatures

Files

fa9f4a88b5b126f02636f968c3fa146eb58ee4df30e042d185650f0f3d22df7a
.dll windows x86

8a1e1a20a012116f2139b06d5a90d862

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

PoSetPowerState
FsRtlAllocateFileLock
RtlHashUnicodeString
ExAllocatePoolWithQuotaTag
RtlInitString
KeRundownQueue
CcDeferWrite
MmIsAddressValid
KeStackAttachProcess
KeRemoveByKeyDeviceQueue
RtlDeleteRegistryValue
RtlxUnicodeStringToAnsiSize
atoi
ZwQueryInformationFile
RtlCompareString
KeWaitForMultipleObjects
IoOpenDeviceRegistryKey
RtlEqualSid
IoDeleteSymbolicLink
KeDeregisterBugCheckCallback
RtlEqualString
RtlGetVersion
IoRequestDeviceEject

Exports

Exports

?syMHgrxio@@YGKEPAH@Z
?sqzdYmwnitvTcB@@YGPAFG@Z

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy