bc22459dd121ca5506bd77456b900739244e8832c524b4fb0c6af401e5795d1b

General

Target

bc22459dd121ca5506bd77456b900739244e8832c524b4fb0c6af401e5795d1b
Size

61KB
MD5

7777750576520cd01f984601d5435fce
SHA1

1574d161f63e14ad6ef675c52b47cbf333df75ad
SHA256

bc22459dd121ca5506bd77456b900739244e8832c524b4fb0c6af401e5795d1b
SHA512

7072042a17ba84a48b066466ea549c6b9f8e31219c9b885e804cea6cfdaab1de4cbb67b3ce513f957734800998d09bd08e404255a4a44a87fda549fe5aa5e086
SSDEEP

1536:lcxQo2Zt1ATllrOpab+1N7+pZ/TyTWRsdWy:l5ogtap8pxj761TyTS

Score

N/A

Malware Config

Signatures

Files

bc22459dd121ca5506bd77456b900739244e8832c524b4fb0c6af401e5795d1b
.dll windows x86

3a212da63814f22839143a31c4123b12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

FsRtlMdlWriteCompleteDev
KeTickCount
IoGetStackLimits
KeLeaveCriticalRegion
PoStartNextPowerIrp
RtlVolumeDeviceToDosName
KeReleaseMutex
RtlInitializeSid
ExReinitializeResourceLite
RtlFillMemoryUlong
MmQuerySystemSize
ZwEnumerateKey
KeRemoveDeviceQueue
KeGetCurrentThread
CcPinMappedData
SeValidSecurityDescriptor
ExInitializeResourceLite
ZwReadFile
RtlDowncaseUnicodeString
ExUnregisterCallback
IoReuseIrp
IoRemoveShareAccess
MmIsVerifierEnabled
IoGetInitialStack
FsRtlCheckLockForReadAccess
IoInitializeTimer
CcMdlWriteComplete
MmGetSystemRoutineAddress
IoGetDmaAdapter
MmUnsecureVirtualMemory
RtlCreateSecurityDescriptor
IoGetRequestorProcessId
IoCsqRemoveIrp
RtlInt64ToUnicodeString
ZwWriteFile
SeCreateClientSecurity
PsGetThreadProcessId
IoInvalidateDeviceRelations
CcPinRead
KeEnterCriticalRegion
PsGetCurrentThread
SeCaptureSubjectContext
MmSetAddressRangeModified
IoCreateStreamFileObjectLite
IoDisconnectInterrupt
ExGetExclusiveWaiterCount
RtlClearAllBits
SeSetSecurityDescriptorInfo
KeCancelTimer

Exports

Exports

?DecrementKeyboardW@@YGIJHF<V
?IsPointerExW@@YGXJDD<V
?FormatSizeEx@@YGDPAMPAFKH<V
?InstallMediaTypeNew@@YGPAMPAIH<V
?EnumDialogNew@@YGPAHMMPAFN<V
?HideNameA�

Sections

.text
Size: 60KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3a212da63814f22839143a31c4123b12

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 83KB

.text
Size: 60KB - Virtual size: 83KB