w3l[.]exe | Triage

Submit
Reports

Overview

overview

1

Static

static

1

w3l.exe

windows7-x64

1

w3l.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

w3l.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

w3l.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

w3l.exe
Size

4KB
MD5

e023791868028e855ae69400773eaceb
SHA1

691e7cd546c43bfcf5c8a1ca5018171998a9f26f
SHA256

a0737361a21b80e5a79e86d80ff015f5fa0ad3faaba4313641925b113211b444
SHA512

d51f42e0ae515215562d5fe75e7f786982aedcf29e0420e472423f27db76414488432574df72fa09d5b2d5549bc8f76e5f4c231a0b7c021bacd1026c3c8c5b0b
SSDEEP

24:7pfs7y+/m5Y63ZZ+aXdcCkEF2vIyvIs+i4BsRvkc5X3aUlesI2pG+H3n:9k5F6JZ+31ERbs+i4Bwvke68esI2bX

Score

1^/10

Malware Config

Signatures

Files

w3l.exe
.exe windows x86

0e4021554a373d5cb9215de2f75bd91d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
WriteProcessMemory
TerminateProcess
ExitProcess
GetStartupInfoA
CreateProcessA
GetCommandLineA
GetCurrentProcess
ResumeThread
GetThreadContext

user32

MessageBoxA

Sections

code
Size: 322B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

data
Size: 220B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IMPORTS
Size: 66B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

imports
Size: 392B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

relocs
Size: 114B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

resource
Size: 924B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy