04[.]exe | Triage

Sharing

General

Target

04.exe
Size

4KB
MD5

3291e1603715c47a23b60a8bf2ca73db
SHA1

41531fa6b5086e9150b57256efbcd47d7c05cd53
SHA256

aa0bbaecb678868e1e7f57c7ca9d61b608b3d788be490790eb1d148beadf4615
SHA512

4d96b69fbffeafd1a149d4689335d5fc98116ec2aa664d2da23ebf91cf9ea8e896d8dc6775f6b3a847e66eb05917882594125fe46b89a13c168073a55c9d10a8

Score

N/A

Malware Config

Signatures

Files

04.exe
.dll windows x86

4ab64aebae0dd65a5d0dda9f9befd033

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
ObfDereferenceObject
ExAllocatePoolWithTag
ZwQuerySystemInformation
MmUnlockPages
IoFreeMdl
MmUnmapLockedPages
MmMapLockedPagesSpecifyCache
MmProbeAndLockPages
IoAllocateMdl
_except_handler3

Sections

.text
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ