eaf261346ef94ec36c75e7eb61d43efcec64e6f03e2f899dedf4e504bce64daf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eaf261346ef94ec36c75e7eb61d43efcec64e6f03e2f899dedf4e504bce64daf
Size

84KB
MD5

8603e83c671c1e2f94442a33b70919f0
SHA1

c5994080da4cf83069c17191d8fbeffee34d8c7c
SHA256

eaf261346ef94ec36c75e7eb61d43efcec64e6f03e2f899dedf4e504bce64daf
SHA512

f8a4bb343b8988e7bb26e523f79f016dee559f16d26d53207d1a94a3dd9e1c984e5541d7fbc206ed720361f4e7e8cae7cd4f315a25aee39575c9048fa1dc5342
SSDEEP

1536:IMWJezoQ8bOuMvHGyc1d7LILAwmIJ6WEeSqQLmpLBS8YmfeDP1:IMmQ8C/Ht0dP0jJnEeSj0LBDYmfeDP1

Score

N/A

Malware Config

Signatures

Files

eaf261346ef94ec36c75e7eb61d43efcec64e6f03e2f899dedf4e504bce64daf
.exe windows x86

677155d525086efcd85dc6062523867c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmIsNonPagedSystemAddressValid
RtlAnsiStringToUnicodeString
ExAllocatePoolWithTag
MmGetSystemRoutineAddress
RtlValidRelativeSecurityDescriptor
RtlInitAnsiString

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 384B - Virtual size: 258B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 34B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ