3318343392411528decd3b375758e85438350e8b88ed3247702ca838e0202b94 | Triage

Submit
Reports

Overview

overview

1

Static

static

3318343392...94.exe

windows7-x64

3318343392...94.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

3318343392411528decd3b375758e85438350e8b88ed3247702ca838e0202b94.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

3318343392411528decd3b375758e85438350e8b88ed3247702ca838e0202b94.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

3318343392411528decd3b375758e85438350e8b88ed3247702ca838e0202b94
Size

24KB
MD5

25c81b405c52cb7bd980ab7ce17350f0
SHA1

dac0075ecb7a189cdbb7c3ab484e83eb5550709b
SHA256

3318343392411528decd3b375758e85438350e8b88ed3247702ca838e0202b94
SHA512

1a1e23865fb6fcc29feb7621c00c58cbcc96746c3926b8d498c1093d9250c363bcbe86614a6b00a5fc57a084b480716a401a9d7772699cf6169d89bdaa14b4dd
SSDEEP

768:wE8Rwdrw89ryBAs9Wxgs/7alVCvbUIpqChbd:9frD9ryBna/7alYvbUIxh

Score

N/A

Malware Config

Signatures

Files

3318343392411528decd3b375758e85438350e8b88ed3247702ca838e0202b94
.exe windows x86

8dc8ff0a28243477f43e2509c6c61b99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmIsAddressValid
ZwClose
ZwUnmapViewOfSection
ZwCreateFile
RtlInitUnicodeString
IoRegisterDriverReinitialization
RtlFreeUnicodeString
KeDelayExecutionThread
wcslen
ZwCreateKey
swprintf
wcscat
wcscpy
RtlAnsiStringToUnicodeString
_snprintf
ExFreePool
ExAllocatePoolWithTag
ZwQuerySystemInformation
ZwMapViewOfSection
ZwCreateSection
ZwOpenFile
strncmp
IoGetCurrentProcess
_wcsnicmp
ZwSetValueKey
ZwOpenKey
ZwEnumerateKey
PsGetVersion
_wcslwr
wcsncpy
PsSetCreateProcessNotifyRoutine
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
PsTerminateSystemThread
PsCreateSystemThread
_stricmp
strncpy
PsLookupProcessByProcessId
KeInitializeTimer
IofCompleteRequest

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 986B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 640B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy