f818b13e1bbdb7d39765c30e1af208adc4852f7d0abc46108fea641f4b3a0c9c | Triage

Submit
Reports

Overview

overview

1

Static

static

f818b13e1b...9c.exe

windows7-x64

f818b13e1b...9c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f818b13e1bbdb7d39765c30e1af208adc4852f7d0abc46108fea641f4b3a0c9c.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

f818b13e1bbdb7d39765c30e1af208adc4852f7d0abc46108fea641f4b3a0c9c.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

f818b13e1bbdb7d39765c30e1af208adc4852f7d0abc46108fea641f4b3a0c9c
Size

8KB
MD5

e4eb8c9c0f59af44baa0f8851cc60cd3
SHA1

9974610a49650dd76f54c11a9b80171725d38b76
SHA256

f818b13e1bbdb7d39765c30e1af208adc4852f7d0abc46108fea641f4b3a0c9c
SHA512

0de228f0b40d7c8cfb3f6c92b9b8ce0ba55773d323cb93841767ecccc3b23b69c763cd5c48ec2996f44a1b392bde483de7074bad9762c143e793ad19eaa860b6
SSDEEP

192:4Y0vyFA205Da/gSFSSXCxpTYXAK47b20xtcRLlBNv0z8qsx7QI8RF:4Y0v1p52/4p7K47b1Sv65k0F

Score

N/A

Malware Config

Signatures

Files

f818b13e1bbdb7d39765c30e1af208adc4852f7d0abc46108fea641f4b3a0c9c
.exe windows x86

37d7d43d8af67d691484420536d9ce54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ndis.sys

NdisGetCurrentSystemTime
NdisRegisterProtocol

ntoskrnl.exe

RtlInitUnicodeString
IoCreateDevice
IoCreateSymbolicLink
IofCompleteRequest
KeServiceDescriptorTable
MmIsAddressValid
IoGetCurrentProcess
PsLookupProcessByProcessId
ObDereferenceObject
IoGetDeviceObjectPointer
IoBuildDeviceIoControlRequest
PsGetCurrentProcessId
IoCreateFile
IofCallDriver
ZwAllocateVirtualMemory
RtlCompareUnicodeString

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 608B - Virtual size: 594B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 688B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy