398a6e31d56558185f47a91f7e38b073214770ab1a177a5600c660b6eef35cce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

398a6e31d56558185f47a91f7e38b073214770ab1a177a5600c660b6eef35cce
Size

63KB
MD5

3a3a664a2317f4892ed9cdfcc6b45914
SHA1

3a123743dcc96bb4632ccf8cce8e9d2de35e5672
SHA256

398a6e31d56558185f47a91f7e38b073214770ab1a177a5600c660b6eef35cce
SHA512

2edbe41e428e5f405b0cb61f1c4f7b854c0508bd09825d15fd812249fce5f8b24606cf4bf38a232365c14f475fb6dd5a8eaf4a930660b3ab81fe912ad794e20e
SSDEEP

1536:l7YMHPbeIn+6yk0SwPRzXCx9YzW/3S5aozGC:mmPbe0WhCvY4Xoz7

Score

N/A

Malware Config

Signatures

Files

398a6e31d56558185f47a91f7e38b073214770ab1a177a5600c660b6eef35cce
.dll windows x86

aa6c559384aec7cb0cbf7f23f82edac5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExRaiseStatus
RtlCheckRegistryKey
RtlInitString
ExGetSharedWaiterCount
RtlSubAuthoritySid
KeRemoveByKeyDeviceQueue
RtlUpperChar
ProbeForRead
CcRemapBcb
RtlFindSetBits
PoUnregisterSystemState
RtlUpcaseUnicodeString
KeFlushQueuedDpcs
CcFastMdlReadWait
RtlEqualString
FsRtlSplitLargeMcb
SeAccessCheck
RtlEqualUnicodeString
IoCreateNotificationEvent
PsGetCurrentThread
RtlTimeFieldsToTime
MmQuerySystemSize
RtlInitUnicodeString
FsRtlAllocateFileLock

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ