82e34e5b5cfe29bf45ae3629d431ce063ef7788fd43cbca20c85b8c9722357be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82e34e5b5cfe29bf45ae3629d431ce063ef7788fd43cbca20c85b8c9722357be
Size

76KB
MD5

11535c19404d5e5fde19bbdda3f1a027
SHA1

cefa4103e43e44d30ffa2afd72c7ad457ae0a48c
SHA256

82e34e5b5cfe29bf45ae3629d431ce063ef7788fd43cbca20c85b8c9722357be
SHA512

8ff339f96b3896e3347b5f7b011f4b57b336d876068757208e4e2339a42bd8978180f59af6acfbd47de596dc904001083c9746b13d20236d076a429612454822
SSDEEP

1536:T3JpydKnryGEcjLmvS/hH7Rxf+6Hnvalt1R:T3JpuKnrynce6/R7jxilt1

Score

N/A

Malware Config

Signatures

Files

82e34e5b5cfe29bf45ae3629d431ce063ef7788fd43cbca20c85b8c9722357be
.dll windows x86

ab6a8d39cfc3cceef5a38efeb43187df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeCancelTimer
RtlUpcaseUnicodeToOemN
ZwAllocateVirtualMemory
SeDeassignSecurity
IoInitializeIrp
ExGetExclusiveWaiterCount
RtlGetNextRange
KeReadStateTimer
IoRegisterDeviceInterface
RtlCharToInteger
ZwFlushKey
KePulseEvent
RtlCompareString
KeRemoveQueueDpc
strncpy
ExReleaseResourceLite
RtlCheckRegistryKey
FsRtlCheckOplock
RtlEqualUnicodeString
RtlRemoveUnicodePrefix
RtlInitUnicodeString
RtlIntegerToUnicodeString
KeInitializeTimerEx
RtlEqualString
RtlInitString
RtlUpperChar
ZwDeviceIoControlFile
ZwDeleteKey
FsRtlFreeFileLock

Sections

.text
Size: 25KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ