a94ea65c680e2f20bb41fac5e6478d11a06b213a1f3b851e17203e872f701849 | Triage

Submit
Reports

Overview

overview

1

Static

static

a94ea65c68...49.exe

windows7-x64

a94ea65c68...49.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a94ea65c680e2f20bb41fac5e6478d11a06b213a1f3b851e17203e872f701849.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

a94ea65c680e2f20bb41fac5e6478d11a06b213a1f3b851e17203e872f701849.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

a94ea65c680e2f20bb41fac5e6478d11a06b213a1f3b851e17203e872f701849
Size

27KB
MD5

75e4acbbbea0e8d337ef405c176bd113
SHA1

d4823cce5f1266ef5bcfdbc9be99a4b06d5aca4e
SHA256

a94ea65c680e2f20bb41fac5e6478d11a06b213a1f3b851e17203e872f701849
SHA512

34b0c841e565d4087c66eba222cc64fc650cf58500a610d21b583469ecf81b18a244c56c5e1f463c02b1ace374bc9a6c49dc1b0203c2f22b7012a713494c62a0
SSDEEP

768:0qNywtO4C307DxRTnp80fTEYGfjMP6AHyxjejvW:Ryw44C07bbp80oPc6VxyvW

Score

N/A

Malware Config

Signatures

Files

a94ea65c680e2f20bb41fac5e6478d11a06b213a1f3b851e17203e872f701849
.exe windows x86

a756e08c5b37cf76f9c4f95d2a227d0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlAnsiStringToUnicodeString
swprintf
RtlInitUnicodeString
_strnicmp
ObfDereferenceObject
strncmp
wcslen
wcscat
wcscpy
RtlCopyUnicodeString
strncpy
_stricmp
ZwClose
ZwOpenKey
ExFreePool
_snprintf
ExAllocatePoolWithTag
MmGetSystemRoutineAddress
_wcsnicmp

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 448B - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 832B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy