e900a32488c0b9a72b438869cd9aff6d8690a2374ad9f1474058952db0f8e94f

Sharing

Copy URL Twitter E-mail

General

Target

e900a32488c0b9a72b438869cd9aff6d8690a2374ad9f1474058952db0f8e94f
Size

378KB
MD5

69f2bfd2ac6dc1f1597127c79563e940
SHA1

f501eabc341ee9f30a8eb1ff6b6a7cd79d31aab0
SHA256

e900a32488c0b9a72b438869cd9aff6d8690a2374ad9f1474058952db0f8e94f
SHA512

999da35f7f7167c88084f07d9c308e2b60fcaa74d85678eb6562c88d55d9c13dd099889742299913f0a9929f1dd73b0adb8d6c3eae522414fa820e3d1d5be9eb
SSDEEP

6144:OngMBhAKzms++k9kNIzk16ffkurOpbDIgFhXYWXMHJyUooBMpacpVnYrZVxWn60a:Le7FQ2KJPcniWgdQsyDS

Score

N/A

Malware Config

Signatures

Files

e900a32488c0b9a72b438869cd9aff6d8690a2374ad9f1474058952db0f8e94f
.dll windows x86

f44a33f5135d8d3b13f52850e1228342

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoAllocateMdl
RtlxUnicodeStringToAnsiSize
RtlInitString
KeRemoveByKeyDeviceQueue
RtlInitUnicodeString
RtlTimeToTimeFields
IoSetShareAccess
IoCheckQuotaBufferValidity
FsRtlLookupLastLargeMcbEntry
ExReleaseFastMutexUnsafe
RtlFindUnicodePrefix
IoDeleteController
RtlEqualString
FsRtlAllocateFileLock
RtlxUnicodeStringToOemSize
KeBugCheckEx
RtlEqualUnicodeString

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itab
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 530B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.etab
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msd3
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msd1
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msd2
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msd4
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f44a33f5135d8d3b13f52850e1228342

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 10KB - Virtual size: 9KB

.itab Size: 512B - Virtual size: 72B

.idata Size: 1024B - Virtual size: 530B

.etab Size: 512B - Virtual size: 512B

.msd3 Size: 512B - Virtual size: 28B

.msd1 Size: 512B - Virtual size: 140B

.msd2 Size: 512B - Virtual size: 140B

.msd4 Size: 512B - Virtual size: 289B

.data Size: 1KB - Virtual size: 42KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 1024B - Virtual size: 628B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 10KB - Virtual size: 9KB

.itab
Size: 512B - Virtual size: 72B

.idata
Size: 1024B - Virtual size: 530B

.etab
Size: 512B - Virtual size: 512B

.msd3
Size: 512B - Virtual size: 28B

.msd1
Size: 512B - Virtual size: 140B

.msd2
Size: 512B - Virtual size: 140B

.msd4
Size: 512B - Virtual size: 289B

.data
Size: 1KB - Virtual size: 42KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 1024B - Virtual size: 628B