bb61759393fc21976c1b84afb80451ebb60ad2e2ba68b919703d3c8ff089de7e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb61759393fc21976c1b84afb80451ebb60ad2e2ba68b919703d3c8ff089de7e
Size

66KB
MD5

6eb5b9f79a933e342f57c7e3dd4e214e
SHA1

c43523e2f1422c9d27dde78ca90f99674c739762
SHA256

bb61759393fc21976c1b84afb80451ebb60ad2e2ba68b919703d3c8ff089de7e
SHA512

2fc4168cf1113b936e695a514ac2bd6a47f9523ba7a9f1c5c51f0f5270b59842d41eb79290199e7ad435a08823cd128fece7bbdf963de3f2de085f3bb60eaaba
SSDEEP

1536:IGPXt/gKk8zlQoGUDUFqIjKdm7BhguCqqdfOxhh8:Vvt/5HJQlUDUQPdw+ug2xv8

Score

N/A

Malware Config

Signatures

Files

bb61759393fc21976c1b84afb80451ebb60ad2e2ba68b919703d3c8ff089de7e
.exe windows x86

3926e348ef82d1ba293dc9bf79853cd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
RtlCharToInteger
ExFreePoolWithTag
memset
RtlAppendUnicodeStringToString
RtlInitUnicodeString
RtlGetVersion
KeTickCount
KeBugCheckEx

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 896B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 352B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ