bdc3f6f400a3c344711810b8b547821b101981b53dbef862ec7b272f8ce505b2 | Triage

Submit
Reports

Overview

overview

1

Static

static

bdc3f6f400...b2.exe

windows7-x64

bdc3f6f400...b2.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

bdc3f6f400a3c344711810b8b547821b101981b53dbef862ec7b272f8ce505b2.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

bdc3f6f400a3c344711810b8b547821b101981b53dbef862ec7b272f8ce505b2.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

bdc3f6f400a3c344711810b8b547821b101981b53dbef862ec7b272f8ce505b2
Size

5KB
MD5

3bc3c97f3ba17bd066f324ee66d34862
SHA1

a67b725548db0d5bd5370cf64b42f4a85050dea2
SHA256

bdc3f6f400a3c344711810b8b547821b101981b53dbef862ec7b272f8ce505b2
SHA512

6ed39fe1178a9ebf5f5fc8a22f14e73c1728e409967f6ec37b23e24c503ae6533c411a70bd1fee711f0df724821621fbb8acb4a40e49e7fb70becfa35fdef583
SSDEEP

96:hdjanlg7z8pPBF7O81mN+ofp18Vt0t+fTnTow/1ZTSj:ParHtON3b8P0wUX

Score

N/A

Malware Config

Signatures

Files

bdc3f6f400a3c344711810b8b547821b101981b53dbef862ec7b272f8ce505b2
.exe windows x86

68c44b457215e93b14d603395c6b6ee0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

PsGetVersion
MmIsAddressValid
IoGetCurrentProcess
ObReferenceObjectByHandle
ZwOpenProcess
MmMapLockedPages
MmBuildMdlForNonPagedPool
MmCreateMdl
ZwTerminateProcess
KeServiceDescriptorTable
PsLookupProcessByProcessId
MmUnmapLockedPages
ZwClose
MmSystemRangeStart
IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
PsSetCreateProcessNotifyRoutine
KeInitializeSpinLock
IoCreateSymbolicLink
IoCreateDevice
KeQuerySystemTime
IoFreeMdl
IofCompleteRequest

hal

KfReleaseSpinLock
KfAcquireSpinLock

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 203B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 768B - Virtual size: 752B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 384B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy