be50d3e85ff35dcac870a48ef27c765eecf02e381cfa9e3922b3d1a6b218c49a | Triage

Submit
Reports

Overview

overview

1

Static

static

be50d3e85f...9a.dll

windows7-x64

1

be50d3e85f...9a.dll

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

be50d3e85ff35dcac870a48ef27c765eecf02e381cfa9e3922b3d1a6b218c49a.dll

Resource

win7-20220812-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

be50d3e85ff35dcac870a48ef27c765eecf02e381cfa9e3922b3d1a6b218c49a.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

be50d3e85ff35dcac870a48ef27c765eecf02e381cfa9e3922b3d1a6b218c49a
Size

6KB
MD5

366f347df9b2632aa626da208d9a82c0
SHA1

6b5a9fb3b933c3865a287b446b596eca0aeca387
SHA256

be50d3e85ff35dcac870a48ef27c765eecf02e381cfa9e3922b3d1a6b218c49a
SHA512

d7e3be52b84b34614ed9dc81c9752228362a233904a44bc6ee818d511bbb69c2bb8fe79063faad798b872c4b82da4816d0d5ed6d237ed13d9260cb417c594c5f
SSDEEP

96:lMpkct0dVkvQ6miReoFP1JX1naDidwv+iyOYsBtKFaTZdyFpcApxppVSz:l4vguvQEwcfXRKii+D/sBoSmhxH

Score

N/A

Malware Config

Signatures

Files

be50d3e85ff35dcac870a48ef27c765eecf02e381cfa9e3922b3d1a6b218c49a
.dll windows x86

e610606a11a87777a4b7b6452a47757a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwClose
PsCreateSystemThread
RtlDeleteRegistryValue
RtlWriteRegistryValue
RtlCreateRegistryKey
ZwWriteFile
ExFreePoolWithTag
ZwReadFile
ExAllocatePoolWithTag
ZwQueryInformationFile
ZwCreateFile
RtlRandom
RtlCopyUnicodeString
RtlAppendUnicodeToString
RtlGetVersion
PsTerminateSystemThread
ZwLoadDriver
RtlAppendUnicodeStringToString
RtlQueryRegistryValues
KeDelayExecutionThread

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 213B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 640B - Virtual size: 568B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy