b289d00f9f74a0b1dd5e9120b813c7f2bc1308c9b15a5a93026fb08a7cdcc7b3 | Triage

Submit
Reports

Overview

overview

1

Static

static

b289d00f9f...b3.exe

windows7-x64

b289d00f9f...b3.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b289d00f9f74a0b1dd5e9120b813c7f2bc1308c9b15a5a93026fb08a7cdcc7b3.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

b289d00f9f74a0b1dd5e9120b813c7f2bc1308c9b15a5a93026fb08a7cdcc7b3.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b289d00f9f74a0b1dd5e9120b813c7f2bc1308c9b15a5a93026fb08a7cdcc7b3
Size

47KB
MD5

8adabe62b64f1227f89876da9abba17e
SHA1

795a79dea14703f6596165bfe44519b908b74c02
SHA256

b289d00f9f74a0b1dd5e9120b813c7f2bc1308c9b15a5a93026fb08a7cdcc7b3
SHA512

a82817d2615ab2e7142899f22d2a601142b534e94af411eb3f41a46610e66820767c7e75dadce5d94922493f226a68a91ceea664fada03c37e3efdecdb44abbc
SSDEEP

768:g80UGu6RAvjwP6+3y8Fyyeeg7QRwsdUDFF4YXNCgRpPdN94H:b0Tu6RAvFaSjewsyFF4+FRpPj94

Score

N/A

Malware Config

Signatures

Files

b289d00f9f74a0b1dd5e9120b813c7f2bc1308c9b15a5a93026fb08a7cdcc7b3
.exe windows x86

5f63bccefa615bed8a97fb4b0a04921f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExUnregisterCallback
IofCompleteRequest
KeSetEvent
IoDeleteDevice
KeBugCheckEx
PoCallDriver
IoCancelIrp
IoDetachDevice
IofCallDriver
IoFreeIrp
ObfDereferenceObject
IoBuildDeviceIoControlRequest
KeWaitForSingleObject
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlAppendUnicodeStringToString
ExAllocatePoolWithTag
RtlCopyUnicodeString
RtlCompareMemory
KeQueryInterruptTime
KeDelayExecutionThread
IoAllocateIrp
RtlCompareUnicodeString
ExFreePool
KeGetCurrentThread
PsGetCurrentProcessId
RtlInitUnicodeString
KeInitializeEvent
ZwCreateEvent
ExFreePoolWithTag

hal

ExAcquireFastMutex
ExReleaseFastMutex

battc.sys

BatteryClassIoctl
BatteryClassStatusNotify
BatteryClassInitializeDevice
BatteryClassUnload

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy