3d7b1db5336a6cde8921d00e56745cb6ab909f3dbb86ff9cf00d05273ec5e0f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d7b1db5336a6cde8921d00e56745cb6ab909f3dbb86ff9cf00d05273ec5e0f2
Size

72KB
MD5

4c6d855112741a89c70efbc5aa776de8
SHA1

a31a5a08edf5787ed2a4c9c2b6b95339e315901d
SHA256

3d7b1db5336a6cde8921d00e56745cb6ab909f3dbb86ff9cf00d05273ec5e0f2
SHA512

10cb9a7c6692f0dd7397a0cc25fe4be3d9e27747868f302a417f2af76f5d008f0493c8753890343f3705a708795da637ec6b2790191ef9547175224365e898b6
SSDEEP

1536:CRfJ5hAk7OAmK1rMFJbjtEtrDmMDCGrgHxN4Xsdl5w8xJXO3O:CX5d8orMFBADmMDhOndlq8x0e

Score

N/A

Malware Config

Signatures

Files

3d7b1db5336a6cde8921d00e56745cb6ab909f3dbb86ff9cf00d05273ec5e0f2
.dll windows x86

7336b0bda149211fb9ee498ad2216601

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitString
KeCancelTimer
RtlLengthRequiredSid
RtlInitUnicodeString
RtlCompareString
SeCaptureSubjectContext
KeInitializeTimerEx
RtlIntegerToUnicodeString
FsRtlCheckLockForWriteAccess
ExReinitializeResourceLite
ExReleaseFastMutexUnsafe
KeReleaseMutex
KeSetKernelStackSwapEnable
RtlCharToInteger
IoCheckEaBufferValidity
RtlEqualString
KeRemoveQueue
ZwQueryInformationFile
strncpy
IoStopTimer
RtlEqualUnicodeString

Sections

.text
Size: 25KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ