ba2f6b7323d6cc95860c4ff0836d57f269798ffc401a1f9af80361417fb9825b | Triage

Submit
Reports

Overview

overview

1

Static

static

ba2f6b7323...5b.exe

windows7-x64

ba2f6b7323...5b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ba2f6b7323d6cc95860c4ff0836d57f269798ffc401a1f9af80361417fb9825b.exe

Resource

win7-20220901-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba2f6b7323d6cc95860c4ff0836d57f269798ffc401a1f9af80361417fb9825b.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ba2f6b7323d6cc95860c4ff0836d57f269798ffc401a1f9af80361417fb9825b
Size

15KB
MD5

ee31d4b6cbf3594a87be90cf8d1d6522
SHA1

fbd026200b13a82f4949478b6e13d39c1ba300bd
SHA256

ba2f6b7323d6cc95860c4ff0836d57f269798ffc401a1f9af80361417fb9825b
SHA512

7b7d8c8c6eb604e12b92956dee75699916dea7ca8e011184c433c4682dc1842643c2aa0fd998e2086345904e7f48092789175419f9c6afee91c57b1cdd67899e
SSDEEP

96:rx/587Rc2bCwYA61gnAK39x/587Rc2bCwYA61gnAK39x/587Rc2bCwYA61gnAK3:rMRc25vXtMRc25vXtMRc25vX

Score

N/A

Malware Config

Signatures

Files

ba2f6b7323d6cc95860c4ff0836d57f269798ffc401a1f9af80361417fb9825b
.exe windows x86

8d7ea1d63197dfde206cf46bb1ff92bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
ZwOpenProcess
PsProcessType
ZwClose
ZwAssignProcessToJobObject
ZwCreateJobObject
ZwTerminateJobObject
KeServiceDescriptorTable
IoCreateSymbolicLink
IoCreateDevice
_except_handler3
_stricmp
ObReferenceObjectByHandle

hal

KfLowerIrql
KeRaiseIrqlToDpcLevel

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 640B - Virtual size: 534B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy