5989b157018712aa6861e5c455929c0de441103bba211e33a158abd8212a9b0e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5989b157018712aa6861e5c455929c0de441103bba211e33a158abd8212a9b0e
Size

5KB
MD5

0108bf354577bb19ec9f9ac9f8457824
SHA1

52d0137f2a3d1310dcb73674a5d70f8fae11cb8e
SHA256

5989b157018712aa6861e5c455929c0de441103bba211e33a158abd8212a9b0e
SHA512

ed6a8b5ce05ace04252f59d0693e81d75add2321935af2c213d7488b55ce668ba113d6f6d594562de234e07c12c1c184d58bd7615cb966689378cb1aadf46b2d
SSDEEP

96:2Vyvob198Tb7Nb/7vBXieiEHKn8vm86N8ay1h6y81Gh9X7:sb198TbZTrBXieiEq+m58ayKJ0n

Score

N/A

Malware Config

Signatures

Files

5989b157018712aa6861e5c455929c0de441103bba211e33a158abd8212a9b0e
.exe windows x86

f86e8fe8b263ea93ee50105a86dc4420

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmMapLockedPages
MmBuildMdlForNonPagedPool
ExFreePoolWithTag
wcslen
RtlWriteRegistryValue
RtlCreateRegistryKey
RtlCompareUnicodeString
ZwNotifyChangeKey
ZwOpenKey
ZwClose
ZwSetValueKey
ZwCreateKey
RtlQueryRegistryValues
memmove
ExAllocatePoolWithTag
RtlInitUnicodeString
_except_handler3
KeServiceDescriptorTable
MmIsAddressValid
KeAddSystemServiceTable
MmCreateMdl
KeTickCount
KeBugCheckEx

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 768B - Virtual size: 672B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 384B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ