b654ae513a5005f2ca95aa098d868502fe116228ff75cdbb679ec1ee16675253 | Triage

Submit
Reports

Overview

overview

1

Static

static

b654ae513a...53.exe

windows7-x64

b654ae513a...53.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b654ae513a5005f2ca95aa098d868502fe116228ff75cdbb679ec1ee16675253.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

b654ae513a5005f2ca95aa098d868502fe116228ff75cdbb679ec1ee16675253.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b654ae513a5005f2ca95aa098d868502fe116228ff75cdbb679ec1ee16675253
Size

64KB
MD5

83818e8bc79e70e9435afa4746e678a0
SHA1

7d91f19d3b0d03788fa30a7931c82e6da9cfcb10
SHA256

b654ae513a5005f2ca95aa098d868502fe116228ff75cdbb679ec1ee16675253
SHA512

8a0bf11302e8423d3af78c0d14546b60aaaa61e49bb51cd1ca20f830c0605c711d8b4f7a2eae99a44f5641f7ff54176bba6266ef70332918ecd41f9459cb4029
SSDEEP

1536:KOZnp1VMXTPEdD6dpwqnLKmHNYwWqg6jdd/CdvIJ0NtERN:hpPyLEJ61ztYwPgOxR

Score

N/A

Malware Config

Signatures

Files

b654ae513a5005f2ca95aa098d868502fe116228ff75cdbb679ec1ee16675253
.exe windows x86

f72169b9727fe7e1b3100d4cf1ee0e5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
memset
memmove
KeTickCount
MmIsRecursiveIoFault
MmGetPhysicalAddress
IoGetConfigurationInformation
MmGetSystemRoutineAddress
RtlInitAnsiString
ExFreePoolWithTag
PsGetVersion
RtlCopyLuid
KeQueryInterruptTime
memcpy
KeBugCheckEx
FsRtlDissectDbcs
ExAllocatePoolWithTag

hal

KeStallExecutionProcessor

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 640B - Virtual size: 600B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy