2f2bffee2ff1e0fe3f91c12f277e7d08b69c244de39c9a249ec98f7428580314

General

Target

2f2bffee2ff1e0fe3f91c12f277e7d08b69c244de39c9a249ec98f7428580314
Size

73KB
MD5

29cb55bf75608041f797e1fbfc41c2ef
SHA1

8fef42dee45efda56b357063880ec25c439a3230
SHA256

2f2bffee2ff1e0fe3f91c12f277e7d08b69c244de39c9a249ec98f7428580314
SHA512

319fea4072bc9f94fa6b722707405c54988014b84ae17978b1f486a23f9ce97b9a067540028185e36a7fcbcfca9bbe088e1d79ef8fa3faaabe1451a2daafc04c
SSDEEP

1536:qWyRwaSqAtJOn/ldIi/tpRIkqIpBY2FQ7vN:8R/S8dJFpRIpIpBYggvN

Score

N/A

Malware Config

Signatures

Files

2f2bffee2ff1e0fe3f91c12f277e7d08b69c244de39c9a249ec98f7428580314
.dll windows x86

e910e5325fda2c54526ea37cf7beeae8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

FsRtlFreeFileLock
IoGetBootDiskInformation
KeSetKernelStackSwapEnable
RtlCheckRegistryKey
ExRegisterCallback
RtlEqualUnicodeString
IoSetSystemPartition
RtlEqualString
SeDeleteObjectAuditAlarm
MmLockPagableSectionByHandle
IoCancelIrp
ExRaiseDatatypeMisalignment
IoAllocateIrp
ExFreePool
RtlInitUnicodeString
RtlCompareString
RtlHashUnicodeString
RtlInitString
IoGetRequestorProcessId
IoGetDeviceInterfaceAlias
RtlSetBits
KeReadStateEvent
RtlGUIDFromString
SeCreateClientSecurity
RtlUnicodeStringToInteger

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e910e5325fda2c54526ea37cf7beeae8

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 15KB - Virtual size: 15KB

.itext Size: 512B - Virtual size: 104B

.code Size: 512B - Virtual size: 320B

.icode Size: 512B - Virtual size: 320B

.data Size: 12KB - Virtual size: 46KB

.fdata Size: 512B - Virtual size: 306B

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 1024B - Virtual size: 804B

.text
Size: 15KB - Virtual size: 15KB

.itext
Size: 512B - Virtual size: 104B

.code
Size: 512B - Virtual size: 320B

.icode
Size: 512B - Virtual size: 320B

.data
Size: 12KB - Virtual size: 46KB

.fdata
Size: 512B - Virtual size: 306B

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 1024B - Virtual size: 804B