d3d64a8ad406ea23160a23a6fd7eab9f5d27429c365f057808cc0b430ff74c21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3d64a8ad406ea23160a23a6fd7eab9f5d27429c365f057808cc0b430ff74c21
Size

51KB
MD5

4b9ee19015367aad9f7af11d509f0862
SHA1

1600c3bbe81472cbba8a4af2083b69d211980322
SHA256

d3d64a8ad406ea23160a23a6fd7eab9f5d27429c365f057808cc0b430ff74c21
SHA512

e5ce4404441801ee2f5c48140984a864aa9a7e31dfab712bb7d83a044efa74f092bd7d2175eea776ed255c9a5918743439d05c94845876348c6fc2fba8e43447
SSDEEP

1536:xNR7vBcVdqk4zTC6PusVKrjqwQH1n6LGv1cKDiGHtKSZAF:xNRzmVd0P2YW2h6LIcKDiGHtKSZAF

Score

N/A

Malware Config

Signatures

Files

d3d64a8ad406ea23160a23a6fd7eab9f5d27429c365f057808cc0b430ff74c21
.dll windows x86

be99e43cff38cf1291bb10e2e31336c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmUnmapLockedPages
RtlInitString
RtlUpcaseUnicodeString
ExUnregisterCallback
RtlStringFromGUID
ExSystemTimeToLocalTime
RtlEqualString
RtlCharToInteger
RtlEqualUnicodeString
RtlxUnicodeStringToAnsiSize
PsGetCurrentThread
KeSetTimer
PoSetSystemState
MmUnlockPagableImageSection
RtlCompareString
RtlInitUnicodeString
RtlIntegerToUnicodeString
KeRestoreFloatingPointState
RtlTimeFieldsToTime
RtlCreateSecurityDescriptor

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ