12e74b5f052bee76942ac2e49484b4e652735c1f07353c2d9ad41ad5624c6088

General

Target

12e74b5f052bee76942ac2e49484b4e652735c1f07353c2d9ad41ad5624c6088
Size

73KB
MD5

69c590b1be583bf6c11d3fd798754d10
SHA1

976d9d189f775f532f64fd0839c1f13af366eb3f
SHA256

12e74b5f052bee76942ac2e49484b4e652735c1f07353c2d9ad41ad5624c6088
SHA512

b9068c92986468ef56d4381da8067bbde71f2f35f62cedd2e5076e50a2a2b4716a753fdfb929dfe2ef88c21485f8a62b049ced9b419c29ad6be96c1c9b704a8e
SSDEEP

1536:WJUSp4Uzp/5ZJzM4S7e2eZ4C9ve8oTOxIbMdudyd7lmJp2cP:KaUttzTsMZ4CNhJINyd7lmJh

Score

N/A

Malware Config

Signatures

Files

12e74b5f052bee76942ac2e49484b4e652735c1f07353c2d9ad41ad5624c6088
.dll windows x86

b5eef883b759a53f1a0caa357291350d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExSetTimerResolution
IoAllocateErrorLogEntry
KeInitializeDpc
RtlUnicodeStringToOemString
RtlGetVersion
SeCaptureSubjectContext
IoVerifyPartitionTable
ExGetPreviousMode
ZwReadFile
KeEnterCriticalRegion
IoDeleteDevice
KeInitializeSemaphore
RtlCreateAcl
FsRtlNotifyUninitializeSync
RtlInitializeGenericTable
CcFlushCache
IoBuildPartialMdl
MmIsVerifierEnabled
ExDeleteResourceLite
IoReleaseVpbSpinLock
PsCreateSystemThread
KeInitializeQueue
KeDelayExecutionThread
FsRtlIsFatDbcsLegal
RtlCreateSecurityDescriptor
ExRegisterCallback
ObReferenceObjectByHandle
IoStartPacket
ObCreateObject
SeLockSubjectContext
IoGetDeviceProperty
KeGetCurrentThread
KeSetTargetProcessorDpc
RtlFindNextForwardRunClear
ZwDeleteValueKey
RtlWriteRegistryValue
IoGetInitialStack
CcMapData
KeTickCount
MmUnmapReservedMapping
FsRtlFastUnlockSingle
KeSetBasePriorityThread
ExAllocatePoolWithTag
KeInitializeSpinLock
KeLeaveCriticalRegion
ExRaiseAccessViolation
ObReleaseObjectSecurity
IoBuildSynchronousFsdRequest
MmMapLockedPagesSpecifyCache

Exports

Exports

?IsValidPointer@@YGPAIEH<V
?CallVersionOld@@YGPA_NPAHPAD<V
?IsNotStringW@@YGMIPAJ<V
?FormatDeviceEx@@YGHM<V
?IsDateTimeW@@YG_NJF<V
?InsertText9;

Sections

.text
Size: 65KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b5eef883b759a53f1a0caa357291350d

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 91KB

.text
Size: 65KB - Virtual size: 91KB