b7d4be3e01a136979beed9d4ffe7f2f98eecf77be6e87d7c03bdc90fee46b9a2 | Triage

Submit
Reports

Overview

overview

1

Static

static

b7d4be3e01...a2.exe

windows7-x64

b7d4be3e01...a2.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b7d4be3e01a136979beed9d4ffe7f2f98eecf77be6e87d7c03bdc90fee46b9a2.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

b7d4be3e01a136979beed9d4ffe7f2f98eecf77be6e87d7c03bdc90fee46b9a2.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b7d4be3e01a136979beed9d4ffe7f2f98eecf77be6e87d7c03bdc90fee46b9a2
Size

25KB
MD5

cef63b9089899683364f3ec1c7b40001
SHA1

32ed5670c3c7261e8309437315d2ccc77eb957cd
SHA256

b7d4be3e01a136979beed9d4ffe7f2f98eecf77be6e87d7c03bdc90fee46b9a2
SHA512

0d77d74acc19f60b9bc2f206918c3c4779a781eca634000864126fbec2cb82a13850b16f5336451c3a5bebb29494df0ff8752ef6fc5cbf510b45776e2003b4c0
SSDEEP

384:BrqpbKsWw7ztZ+Dc+6IaqG295S9WeqNY9fmE5DKUSrDENfdAaIJ2ZIbx:BGEsP74VVaz2nSDqAfmMDKUYEbBQv

Score

N/A

Malware Config

Signatures

Files

b7d4be3e01a136979beed9d4ffe7f2f98eecf77be6e87d7c03bdc90fee46b9a2
.exe windows x86

e1d2be6cdad25d6af359440510cc65a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

swprintf
_strnicmp
RtlAnsiStringToUnicodeString
RtlInitUnicodeString
_stricmp
strncpy
IofCompleteRequest
wcslen
RtlCompareUnicodeString
ExGetPreviousMode
wcscpy
_except_handler3
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlCopyUnicodeString
MmGetSystemRoutineAddress
strncmp
MmIsAddressValid
ExFreePool
_snprintf
ExAllocatePoolWithTag
_wcsnicmp
ObfDereferenceObject

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 928B - Virtual size: 916B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy