43e1eef304fa0c4e0d1f1eef9095d576151df0f7cb584a3305a0d29533bae7f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43e1eef304fa0c4e0d1f1eef9095d576151df0f7cb584a3305a0d29533bae7f7
Size

134KB
MD5

6b1d25c58b7b76df5378b3d482784465
SHA1

3aa4047d38820bab67c71a1c0b5d7995b82f3baf
SHA256

43e1eef304fa0c4e0d1f1eef9095d576151df0f7cb584a3305a0d29533bae7f7
SHA512

3921b62b93ad54b2637d9a1d2e514b02a06638483e97983cb97327432e7fd295fc803201ce247c1f7c7b8ef9c30253c1d688813938a70d3c55e0e6231785325f
SSDEEP

3072:5VqOFXumUIgERMiOvKpHj2HjVpQkZoQRe4RZP/y:5VqHmUIRzJ6Hj8kZok

Score

N/A

Malware Config

Signatures

Files

43e1eef304fa0c4e0d1f1eef9095d576151df0f7cb584a3305a0d29533bae7f7
.dll windows x86

cc0daa0c5291b0d49c28b9af69b5b33b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlAnsiCharToUnicodeChar
FsRtlRemoveMcbEntry
ExFreePoolWithTag
ZwQuerySystemInformation
KeBugCheckEx
wcsncpy
KeQueryTimeIncrement
IoRaiseHardError
ExAllocatePoolWithTag
DbgPrint
CcRemapBcb
strncpy
strncmp
ObfReferenceObject
RtlSubAuthoritySid
_except_handler3
IofCompleteRequest
strstr
SeSetSecurityDescriptorInfo
KeQuerySystemTime
KeTickCount
FsRtlInitializeLargeMcb
MmMapLockedPagesSpecifyCache
IoGetCurrentProcess
ObReferenceObjectByHandle

Sections

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 640B - Virtual size: 640B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 768B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE