4d50109c9f5847cb7361b1c8dfe3d7716c6c8ead9ca9b79f84fe410895af7e1b | Triage

Submit
Reports

Overview

overview

1

Static

static

1

4d50109c9f...1b.exe

windows7-x64

4d50109c9f...1b.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4d50109c9f5847cb7361b1c8dfe3d7716c6c8ead9ca9b79f84fe410895af7e1b.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

4d50109c9f5847cb7361b1c8dfe3d7716c6c8ead9ca9b79f84fe410895af7e1b.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

4d50109c9f5847cb7361b1c8dfe3d7716c6c8ead9ca9b79f84fe410895af7e1b
Size

32KB
MD5

6847eead9088d87f748228c579977b71
SHA1

b0fbca522e644c115c09d12a6b4a9832ca29300a
SHA256

4d50109c9f5847cb7361b1c8dfe3d7716c6c8ead9ca9b79f84fe410895af7e1b
SHA512

ac3f1603d0ddc1eb8e0821627e8d92db0bffbac6e477ce4318975fed176848b54452c978a753b948b158a34239fc8c260799b835f444f6d1ff89f07607cbead1
SSDEEP

768:J7T9CZ988Msnfit2UpVUuUouT/d0iB/3leS/hCyeuj7v:J7IX8snfit2QWuy+E/1Lh6Q7v

Score

1^/10

Malware Config

Signatures

Files

4d50109c9f5847cb7361b1c8dfe3d7716c6c8ead9ca9b79f84fe410895af7e1b
.exe windows x86

fb3495af00d31a0abf2668feb7aef57b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtClose
NtQueryValueKey
NtOpenKey
RtlInitUnicodeString
NtSetValueKey
NtWriteFile
NtReadFile
NtCreateFile
NtOpenFile
RtlCompareUnicodeString
RtlCreateUnicodeString
NtDisplayString
wcscat
RtlFreeUnicodeString
RtlFormatMessage
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlFindMessage
NlsMbCodePageTag
NtSetInformationFile
RtlFreeHeap
RtlAllocateHeap
NtQueryDirectoryFile
memmove
wcscmp
wcslen
wcscpy
RtlGetLongestNtPathLength
NtQueryInformationFile
wcsstr
DbgPrint
RtlAdjustPrivilege
NtTerminateProcess
DbgBreakPoint
RtlUnicodeStringToAnsiString
RtlNormalizeProcessParams

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 498B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy