1d9fe5fa421f5794250f99560e8c88841f6ca3c56bd0b635543778cf1ac5dee3

Sharing

Copy URL Twitter E-mail

General

Target

1d9fe5fa421f5794250f99560e8c88841f6ca3c56bd0b635543778cf1ac5dee3
Size

38KB
MD5

6649fd984932484b0c7fe355f724c5bd
SHA1

dd760e430589ce1d8bd8794d22893755651d8570
SHA256

1d9fe5fa421f5794250f99560e8c88841f6ca3c56bd0b635543778cf1ac5dee3
SHA512

8522de6fcf90956a62c8cccf236eee99d1938289441ef61f2a09fcf5cb10fe61bfefbc5f93be68a6f491ae11d6a65970fa3ece9ff9345392328fb11c766a9fc1
SSDEEP

384:P442zxc/G5oL7fCUdGvM6jDJlPTBwrFPtmrMIACXJBvPl23MNStA9r7GzkWX0Kll:h007fh6jDJoFAzZE3MctsronZ7EoXz

Score

N/A

Malware Config

Signatures

Files

1d9fe5fa421f5794250f99560e8c88841f6ca3c56bd0b635543778cf1ac5dee3
.dll windows x86

6df64733d9716ce8915e266f83475abe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoAllocateMdl
MmAllocateContiguousMemory
RtlAreBitsClear
RtlDeleteRegistryValue
RtlEqualString
IoAllocateErrorLogEntry
RtlCharToInteger
IoSetShareAccess
PoRequestPowerIrp
RtlUnicodeToMultiByteN
KeSetKernelStackSwapEnable
ZwDeleteKey
RtlFindUnicodePrefix
CcSetBcbOwnerPointer
ExReinitializeResourceLite
RtlInt64ToUnicodeString
KeInsertHeadQueue
FsRtlIsTotalDeviceFailure
PsLookupThreadByThreadId
RtlOemStringToUnicodeString
ExSystemTimeToLocalTime
KeRemoveByKeyDeviceQueue

Exports

Exports

?mmuwabvXp@@YGDFJ@Z
?piOaOgkI@@YGFPAM@Z
?dBUDigahkMAjRA@@YGIKPAI@Z
?VcoucChxdzphoWvS@@YGGH@Z
?uveJOyLCoric@@YGPAEHPAD@Z
?plvsncomwsaeGyxqakadk@@YGPAGPAE@Z

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 694B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbgdir
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 461B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6df64733d9716ce8915e266f83475abe

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 694B

.edata Size: 512B - Virtual size: 272B

.dbgdir Size: 512B - Virtual size: 512B

.dbg Size: 512B - Virtual size: 512B

INIT Size: 9KB - Virtual size: 9KB

INIT Size: 512B - Virtual size: 461B

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 694B

.edata
Size: 512B - Virtual size: 272B

.dbgdir
Size: 512B - Virtual size: 512B

.dbg
Size: 512B - Virtual size: 512B

INIT
Size: 9KB - Virtual size: 9KB

INIT
Size: 512B - Virtual size: 461B

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 1KB - Virtual size: 1KB