6130fd035cc5d67f5c595cc4f952712517eb8ba418fbaed26a5179582f852e14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6130fd035cc5d67f5c595cc4f952712517eb8ba418fbaed26a5179582f852e14
Size

61KB
MD5

535cec1e4dc295003866695bc56e40c6
SHA1

27634b2221e249455f9592b33b0d66acef873bc4
SHA256

6130fd035cc5d67f5c595cc4f952712517eb8ba418fbaed26a5179582f852e14
SHA512

f8969f5127f58834a20137c3d70f4d2a28b99446901402b722adae57aa387161e4019ce289910883ddc38126e38c835c4e24eb16d6b619ff363cc2e959ea21c2
SSDEEP

1536:OPMaDN1Lh1r1x5gQ3TLNtEtrDmMDbwoGLwzYVmcsdR:OPFN9Prn5giyDmMDJqYYVmcsdR

Score

N/A

Malware Config

Signatures

Files

6130fd035cc5d67f5c595cc4f952712517eb8ba418fbaed26a5179582f852e14
.dll windows x86

ab6a8d39cfc3cceef5a38efeb43187df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeCancelTimer
RtlUpcaseUnicodeToOemN
ZwAllocateVirtualMemory
SeDeassignSecurity
IoInitializeIrp
ExGetExclusiveWaiterCount
RtlGetNextRange
KeReadStateTimer
IoRegisterDeviceInterface
RtlCharToInteger
ZwFlushKey
KePulseEvent
RtlCompareString
KeRemoveQueueDpc
strncpy
ExReleaseResourceLite
RtlCheckRegistryKey
FsRtlCheckOplock
RtlEqualUnicodeString
RtlRemoveUnicodePrefix
RtlInitUnicodeString
RtlIntegerToUnicodeString
KeInitializeTimerEx
RtlEqualString
RtlInitString
RtlUpperChar
ZwDeviceIoControlFile
ZwDeleteKey
FsRtlFreeFileLock

Sections

.text
Size: 25KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ