6856dc87c982e457e80b84c8e4b6c475f99a926108187323d4afc5ab45ce04eb | Triage

Submit
Reports

Overview

overview

1

Static

static

6856dc87c9...eb.exe

windows7-x64

6856dc87c9...eb.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6856dc87c982e457e80b84c8e4b6c475f99a926108187323d4afc5ab45ce04eb.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

6856dc87c982e457e80b84c8e4b6c475f99a926108187323d4afc5ab45ce04eb.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

6856dc87c982e457e80b84c8e4b6c475f99a926108187323d4afc5ab45ce04eb
Size

11KB
MD5

5273dfb7789c7b49d615b9e1041680bc
SHA1

f05765327e7a0c41327cac3d2b8a97f6b5554539
SHA256

6856dc87c982e457e80b84c8e4b6c475f99a926108187323d4afc5ab45ce04eb
SHA512

9d3abaa6dbad3dcfa5e659d8ae54331e6e2da3fc6443d8e3fbc13c05e83eabad5e0bbacf119adfbe9df188c4eb71b84326cc04246441518c723e3b11a16b0bf1
SSDEEP

192:91iTXsP4PJPX7oc4VYkUrIvgv8jzC7ah4O:911P4B78Yk0mq8nC7aWO

Score

N/A

Malware Config

Signatures

Files

6856dc87c982e457e80b84c8e4b6c475f99a926108187323d4afc5ab45ce04eb
.exe windows x86

903f5bb942cab8cc0eaff066bfa67134

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

_strnicmp
strncpy
KeReleaseMutex
ExFreePool
KeWaitForSingleObject
ExAllocatePoolWithTag
ObReferenceObjectByHandle
ObfDereferenceObject
strncmp
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
ObQueryNameString
ZwQueryKey
RtlEqualUnicodeString
RtlInitUnicodeString
ZwClose
ZwDeleteValueKey
ZwCreateKey
ZwSetValueKey
ZwDeleteKey
ZwOpenKey
IofCompleteRequest
KeServiceDescriptorTable
KeInitializeMutex
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 768B - Virtual size: 680B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 768B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy