0abcaa48ff3d4705a3798dd2de2eccbd2f8716c3615cb832421c15de767bd7bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0abcaa48ff3d4705a3798dd2de2eccbd2f8716c3615cb832421c15de767bd7bf
Size

8KB
MD5

90b9cff54c8b1e10dda2d3ef0de6512f
SHA1

77c7c34d308b20e822659fae0d6b63fa1a194725
SHA256

0abcaa48ff3d4705a3798dd2de2eccbd2f8716c3615cb832421c15de767bd7bf
SHA512

88dfdd097ff399d55f8d2f3bc6d59e7cc941b5d3b5c98d5fed34589046ccdffb06118ca60c01ad733c1fdeafde370f3715a573f95bb361e82e8e0753202007bf
SSDEEP

192:G1PaoUWrJWHZDNCuZRZiqdiRLw53OjwtmA:80WrJW9Z2m5+1A

Score

N/A

Malware Config

Signatures

Files

0abcaa48ff3d4705a3798dd2de2eccbd2f8716c3615cb832421c15de767bd7bf
.exe windows x86

1e484aa476e511cfea3b69315ca5ad42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
DbgPrint
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
KeTickCount

Sections

.text
Size: 640B - Virtual size: 592B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ