1ebe40ac2100a94c0c07ce27d32e3cbcadeeafeaf6d5b5f7b507a733b846be23 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ebe40ac2100a94c0c07ce27d32e3cbcadeeafeaf6d5b5f7b507a733b846be23
Size

46KB
MD5

e0e5b40c8dd99e2c7b1a9e0fd1380e04
SHA1

c2809457facee4ed37b144feb12ce0fc58148a07
SHA256

1ebe40ac2100a94c0c07ce27d32e3cbcadeeafeaf6d5b5f7b507a733b846be23
SHA512

7e8a969be58332665aaa7caf1844e2e2aba24149683c99208024044d5e366fe380cb8fb1b333d543c1b569dedbdbc65e0ca9e31e99ea2065dce5273fc08eec99
SSDEEP

768:Jw1J9Ctc10U0PZc5cmScPSaGQlvrs/9DnWqhQeWpnt1+OMCe:4J9uhfZkSaNlvrkhWztAPC

Score

N/A

Malware Config

Signatures

Files

1ebe40ac2100a94c0c07ce27d32e3cbcadeeafeaf6d5b5f7b507a733b846be23
.dll windows x86

7608e4ec86676acb37f477ed40b6085e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlCompareMemory
IoCreateDevice
KePulseEvent
IoSetThreadHardErrorMode
MmSetAddressRangeModified
RtlAppendStringToString
CcDeferWrite
IoRaiseHardError
CcSetBcbOwnerPointer
ObQueryNameString
IoFreeWorkItem
MmFreePagesFromMdl
RtlInitString
ProbeForRead
KeDelayExecutionThread
RtlCompareString
MmUnmapIoSpace
RtlUnicodeToMultiByteN
RtlNtStatusToDosError
KeQueryTimeIncrement
RtlEqualString
SeImpersonateClientEx

Exports

Exports

?dnuVrhv@@YGPADF@Z
?ovrtpceNmFaQcjsMsA@@YGPAJPAEPAD@Z
?sfjqyLf@@YGXEJ@Z

Sections

.text
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ