AtgppuwOviiAwm
CsyPsnyCgjdycTl
BehwcHj
Static task
static1
Behavioral task
behavioral1
Sample
c44e92de9e9d414fabc0e70f6303e5c30ca745580be028ed7eff1e4c85eb027d.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c44e92de9e9d414fabc0e70f6303e5c30ca745580be028ed7eff1e4c85eb027d.exe
Resource
win10v2004-20220812-en
Target
c44e92de9e9d414fabc0e70f6303e5c30ca745580be028ed7eff1e4c85eb027d
Size
20KB
MD5
c12720912ea4cbd2c5570a21cb0ec145
SHA1
00b0c03d4aea139f77a5fb1ef1e1cf7058319418
SHA256
c44e92de9e9d414fabc0e70f6303e5c30ca745580be028ed7eff1e4c85eb027d
SHA512
434f911404dc2e6cce968fa2587e52ddf1afdb07362066bf53b8299094e60c619eaa707c94e2d2abbac03b3bde2ee01c4898819d722afea01c80400ab3342e56
SSDEEP
384:dh+hx9U1JcpVa6efhTn1sR9eSjgCSf5Y5/R5P:dy9U1+na6efhTnKeSjkxYZ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
MmAllocateNonCachedMemory
strrchr
IoForwardIrpSynchronously
PoStartNextPowerIrp
ExAcquireResourceSharedLite
ZwWriteFile
ExFreePoolWithTag
RtlImageNtHeader
RtlSplay
SeTokenIsAdmin
ExAllocatePool
RtlLockBootStatusData
strcmp
PsGetProcessInheritedFromUniqueProcessId
PsJobType
FsRtlAreNamesEqual
RtlDeleteAce
ZwOpenTimer
PsGetProcessWin32WindowStation
_wcsupr
KeRegisterBugCheckCallback
ZwYieldExecution
SeCreateClientSecurityFromSubjectContext
FsRtlCurrentBatchOplock
ExInterlockedAddLargeInteger
RtlCreateAcl
RtlTimeToSecondsSince1970
RtlGetCallersAddress
IoForwardAndCatchIrp
ZwQueryObject
IoSetDeviceInterfaceState
RtlOemToUnicodeN
AtgppuwOviiAwm
CsyPsnyCgjdycTl
BehwcHj
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ