2665a527aaa954e2b49319ce4309905203cf82a68787151269b64b324b857c30_unpacked | Triage

Submit
Reports

Overview

overview

1

Static

static

2665a527aa...ed.exe

windows7-x64

2665a527aa...ed.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

2665a527aaa954e2b49319ce4309905203cf82a68787151269b64b324b857c30_unpacked.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

600 seconds

Behavioral task

behavioral2

Sample

2665a527aaa954e2b49319ce4309905203cf82a68787151269b64b324b857c30_unpacked.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

600 seconds

General

Target

2665a527aaa954e2b49319ce4309905203cf82a68787151269b64b324b857c30_unpacked
Size

22KB
MD5

41d6cd645e3ec0d2ade5a1fdc418f392
SHA1

38a84c52dbbc26f84a60c303cf344671ad127aa6
SHA256

5d00b0e721e1a7b44972b8191dc14d3afee71ef8e29fe0cf51c2bc9ee825c9f0
SHA512

0673507b5c9855a3d65e3c0e082741a93dd3276e2ee497d3df2eb6a1579d04a38637fb5826ec3139558dde27e08fdf00bd700ca0f3bbf2bde8db602e91da1a1a
SSDEEP

384:zX7amZB980w1OvuLQiym9jXFcuil6EAYaf1y47FeRaZAmu:nzv6l9jXFzi6EAYatyuFZAmu

Score

N/A

Malware Config

Signatures

Files

2665a527aaa954e2b49319ce4309905203cf82a68787151269b64b324b857c30_unpacked
.exe windows x86

9e011d194f6fac23700eca75f7ac3894

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
ZwQueryInformationProcess
ZwOpenProcess
RtlAnsiStringToUnicodeString
RtlInitAnsiString
ZwUnmapViewOfSection
ZwMapViewOfSection
ZwCreateSection
ExFreePoolWithTag
KeDelayExecutionThread
KeInsertQueueApc
KeInitializeApc
KeGetCurrentThread
PsSetLoadImageNotifyRoutine
PsSetCreateProcessNotifyRoutine
KeInitializeSpinLock
ZwClose
ZwAllocateVirtualMemory
RtlEqualUnicodeString

hal

KfAcquireSpinLock
KfReleaseSpinLock

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 640B - Virtual size: 570B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 768B - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy