d78f89b951056e3783d405531bbfff131593c595904865489d74019272cd5270 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d78f89b951056e3783d405531bbfff131593c595904865489d74019272cd5270
Size

45KB
MD5

774d2754f5b042cb64ed013a57e50eb5
SHA1

214a0023a04c962ef379625fc13eaf53611aa1e8
SHA256

d78f89b951056e3783d405531bbfff131593c595904865489d74019272cd5270
SHA512

468e891f3273aab4737db1327e6c51872ff8ed0cf665721012c5905e54fd154ee81b9af306997eb266afecff37eeeef63af8670ef1fc80be09319d4a2de3dcbe
SSDEEP

768:GZcoO/hzULgFEahIo5PFHo07mNviC63YQIU6qdpYHDKe2sQ8Qwe36lnP7OqsMUiS:GioOYgqahI+dHo07m63YQIU6qdCHDKe

Score

N/A

Malware Config

Signatures

Files

d78f89b951056e3783d405531bbfff131593c595904865489d74019272cd5270
.exe windows x86

013d2f583c1dab639ef08c93e93cb7df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
ExAllocatePoolWithTag
RtlCharToInteger
ExFreePoolWithTag
IoFreeIrp
memset
IoAllocateIrp
RtlGetVersion
RtlHashUnicodeString
KeTickCount
KeBugCheckEx

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 378B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ