6f4d3d6c2a498eb6ec4d14978bc2a6a7722fe7ff9a8b6c760d14e01cc2c4f789

Sharing

Copy URL Twitter E-mail

General

Target

6f4d3d6c2a498eb6ec4d14978bc2a6a7722fe7ff9a8b6c760d14e01cc2c4f789
Size

183KB
MD5

4890c8d0fd84c13c3112fa51e9548c18
SHA1

3a6b76146ca42ee42179f02e5d4d81ee4342186d
SHA256

6f4d3d6c2a498eb6ec4d14978bc2a6a7722fe7ff9a8b6c760d14e01cc2c4f789
SHA512

6ffcbb8dd7abdb8f555a6b2670efd4de2ce40cc199d9c5ccd4afc53ab31b317e4bba9837704ef28ae911f84ca9e26705b9d41956b58dcd187e61f90f42a31c07
SSDEEP

3072:/c4M1N1i7aPuYtN+CeJ4//E+7mslheiHsI/U+owztYcegkZq9lz7VOfy+1iVyEdJ:/c9oEug+dJ4nE+a6hgiU+dOgaq9lz7VZ

Score

N/A

Malware Config

Signatures

Files

6f4d3d6c2a498eb6ec4d14978bc2a6a7722fe7ff9a8b6c760d14e01cc2c4f789
.dll windows x86

c3e63a7eac60208c7c354678ddd92762

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeReadStateEvent
RtlUpcaseUnicodeChar
RtlInitString
SeDeleteObjectAuditAlarm
IoFreeMdl
ExCreateCallback
SeDeassignSecurity
RtlxUnicodeStringToAnsiSize
RtlEqualString
KeBugCheck
RtlInitUnicodeString
IoGetRelatedDeviceObject
MmUnmapIoSpace
RtlEqualUnicodeString
MmSecureVirtualMemory
IoAcquireCancelSpinLock
RtlUnicodeStringToInteger
PsGetCurrentThreadId
RtlInitAnsiString
IoBuildSynchronousFsdRequest
RtlFindNextForwardRunClear

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idat
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dir
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ihelp
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ahelp
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vdat
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3e63a7eac60208c7c354678ddd92762

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 2KB - Virtual size: 41KB

.idat Size: 512B - Virtual size: 88B

.idata Size: 1024B - Virtual size: 624B

.dir Size: 512B - Virtual size: 28B

.ihelp Size: 512B - Virtual size: 140B

.ahelp Size: 512B - Virtual size: 140B

.init Size: 10KB - Virtual size: 9KB

.vdat Size: 512B - Virtual size: 300B

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 484B

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 2KB - Virtual size: 41KB

.idat
Size: 512B - Virtual size: 88B

.idata
Size: 1024B - Virtual size: 624B

.dir
Size: 512B - Virtual size: 28B

.ihelp
Size: 512B - Virtual size: 140B

.ahelp
Size: 512B - Virtual size: 140B

.init
Size: 10KB - Virtual size: 9KB

.vdat
Size: 512B - Virtual size: 300B

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 484B