4f5c3da9cb64477c6a09c89576f9af6c7b94ffa86e676652359d530d5f696fe9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f5c3da9cb64477c6a09c89576f9af6c7b94ffa86e676652359d530d5f696fe9
Size

36KB
MD5

721fc646f0c772a6b250773644ac7c02
SHA1

49c2d177f05f89b89633bf539a5efb943143fcc7
SHA256

4f5c3da9cb64477c6a09c89576f9af6c7b94ffa86e676652359d530d5f696fe9
SHA512

d1c4f26d18af12ada5f149fdc0b18373aecce7d12188707492075481de1a0bc7f13aff852400bbe197b650cb23318e25740b20f1663ffa7241d852d6c7f0b300
SSDEEP

384:4ZlhlFRFj8+0ClM6aLCspM3ZmQNmoYJLW7wycRbgK:I3j8yMx3vQQ9LJb7

Score

N/A

Malware Config

Signatures

Files

4f5c3da9cb64477c6a09c89576f9af6c7b94ffa86e676652359d530d5f696fe9
.exe windows x86

07ab1cbed45ec57fff7df0ac91b4a085

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmGetSystemRoutineAddress
RtlInitUnicodeString
IofCompleteRequest
DbgPrint
KeServiceDescriptorTable
IoDeleteDevice
IoDeleteSymbolicLink
IoCreateDevice
memmove
memcpy
KeTickCount
RtlUnwind
KeBugCheckEx

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 414B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ