ca4d0ff21fc6356056d03a0dca3039b7b84d6339e6656bf2ba2a9be55c9e627c | Triage

Submit
Reports

Overview

overview

1

Static

static

ca4d0ff21f...7c.exe

windows7-x64

ca4d0ff21f...7c.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ca4d0ff21fc6356056d03a0dca3039b7b84d6339e6656bf2ba2a9be55c9e627c.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

ca4d0ff21fc6356056d03a0dca3039b7b84d6339e6656bf2ba2a9be55c9e627c.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ca4d0ff21fc6356056d03a0dca3039b7b84d6339e6656bf2ba2a9be55c9e627c
Size

8KB
MD5

0a3f935d61867342f31493056712d39c
SHA1

b32af5c7f835054573ee7e0fe1b9999a6556f765
SHA256

ca4d0ff21fc6356056d03a0dca3039b7b84d6339e6656bf2ba2a9be55c9e627c
SHA512

6f81ef80f220d4cbdcc4a4067bcf3116f85d6e533c2bf691a50f358856584cea8380f09bb352e2c8b0f7d8917bb038ccbff94392c22bfd440a794b7d94239f66
SSDEEP

192:1oBlXhZK/gmtNGKN2CM8JyFZtQwtm5dmTFHR1f:mB9zKYcG3CM8iZtg50HRx

Score

N/A

Malware Config

Signatures

Files

ca4d0ff21fc6356056d03a0dca3039b7b84d6339e6656bf2ba2a9be55c9e627c
.exe windows x86

e10361e60472ca033b6157b0d162aa42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

memcpy
ExAllocatePoolWithTag
ExFreePoolWithTag
RtlInitUnicodeString
MmMapLockedPagesSpecifyCache
memset
ZwCreateKey
IoDeleteSymbolicLink
IoDeleteDevice
swprintf
ZwSetValueKey
ZwClose
IofCompleteRequest
PsGetVersion
KeServiceDescriptorTable
IoCreateSymbolicLink
IoCreateDevice
ObReferenceObjectByHandle
ObfDereferenceObject
ZwOpenKey
PsTerminateSystemThread
ObReferenceObjectByPointer
_except_handler3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 496B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 624B - Virtual size: 612B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 352B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy