be5d99f119132e6fc80134fa74b80820d85059fa5c062b4041e6f8d84809d117 | Triage

Submit
Reports

Overview

overview

1

Static

static

be5d99f119...17.exe

windows7-x64

be5d99f119...17.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

be5d99f119132e6fc80134fa74b80820d85059fa5c062b4041e6f8d84809d117.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

be5d99f119132e6fc80134fa74b80820d85059fa5c062b4041e6f8d84809d117.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

be5d99f119132e6fc80134fa74b80820d85059fa5c062b4041e6f8d84809d117
Size

22KB
MD5

55ee37279e310d8e22119f6aa211dc7f
SHA1

23af3ae1d057d5396cf2f8587212ef1a1bf08d26
SHA256

be5d99f119132e6fc80134fa74b80820d85059fa5c062b4041e6f8d84809d117
SHA512

c19168f93848f5568aaf9afe6e6885045b20d086475123e32be303221e78215dbd2f66d0629e0707311601ae55e5a22707917222550eb4c540e20c9b0f5d6295
SSDEEP

384:e+Dgz8x410OmbpdjE8w1y2rpemtBI2YLIV8l3ZL+HR8tNo/H7N87mmarbA:5kec0OqdRwLpebm6xZL+HRaNMHq7mmaI

Score

N/A

Malware Config

Signatures

Files

be5d99f119132e6fc80134fa74b80820d85059fa5c062b4041e6f8d84809d117
.exe windows x86

d37b3c00bfd3e7d151dcddb05b0e49b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwDeleteFile
IoBuildAsynchronousFsdRequest
ExFreePool
WRITE_REGISTER_ULONG
RtlCustomCPToUnicodeN
ZwSaveKey
CcUnpinData
RtlFillMemoryUlong
RtlFindMessage
towupper
MmIsNonPagedSystemAddressValid
ZwQueryDefaultLocale
RtlGetSaclSecurityDescriptor
PsChargePoolQuota
RtlIntegerToUnicodeString
ObQueryNameString
ZwQueryInformationFile
InterlockedIncrement
ZwQueryInformationProcess
FsRtlAreNamesEqual
DbgPrint

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ILIT
Size: 1024B - Virtual size: 614B

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 391B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy