a9199247423b3670c060b99018a2b8aeb26c2c3c7ced7198fe5bb8365697e9f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9199247423b3670c060b99018a2b8aeb26c2c3c7ced7198fe5bb8365697e9f9
Size

5KB
MD5

47aa13a7a618615f8eaaf677d9c1b6b7
SHA1

73b8be8487f1a0c5679ac83c87d0092f415d8f14
SHA256

a9199247423b3670c060b99018a2b8aeb26c2c3c7ced7198fe5bb8365697e9f9
SHA512

57235adf506000aa80677900cc3291796b871f19f4f7664e0174a619ef52cfe2024bba8c1249e83e92c7061611bc9847bb71c498b8a407cc62688ad1568821fd
SSDEEP

96:GuAQDy437oVd2NuRTKbP6KAmdBZfWZatKQMwSHCAYDnyCrAP/sFR:HAQm4roVMNBXbhWZcKDmyCrUM

Score

N/A

Malware Config

Signatures

Files

a9199247423b3670c060b99018a2b8aeb26c2c3c7ced7198fe5bb8365697e9f9
.exe windows x86

073b7b3fb5a924b1ab28cd9f4551c41c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
ExFreePool
strncmp
strncpy
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IofCompleteRequest
ExAllocatePoolWithTag
IoDeleteSymbolicLink
ObfDereferenceObject
KeWaitForSingleObject
IofCallDriver
IoBuildDeviceIoControlRequest
KeInitializeEvent
IoGetDeviceObjectPointer

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 480B - Virtual size: 454B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 288B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ