ac46ecb0b531a81c14b127fff72b6d5c9c3d0a5690cf3174acee1b866870f38f

General

Target

ac46ecb0b531a81c14b127fff72b6d5c9c3d0a5690cf3174acee1b866870f38f
Size

76KB
MD5

40c7a51d1523c0941df15d026f25f184
SHA1

de5eafdc16264f0501d9838483dbe244534bfc45
SHA256

ac46ecb0b531a81c14b127fff72b6d5c9c3d0a5690cf3174acee1b866870f38f
SHA512

5ebc692d641457136ffe1619091fa111b0291de7acb9ff735a37595a018daffd8ec6705881d0bdd07bc47ef0a1ae210c966d29ee623a5160a465c78e1c4439a5
SSDEEP

1536:2sjLBTwf5TdQRE/AuR9Mtc1NhsdUD+6Hnvalt1R:D8f5TdPAu7lNheUDxilt1

Score

N/A

Malware Config

Signatures

Files

ac46ecb0b531a81c14b127fff72b6d5c9c3d0a5690cf3174acee1b866870f38f
.dll windows x86

3a7f95ed6a6e764f1cb2b2ff8b4b9d91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

CcFastCopyWrite
KeInitializeTimerEx
ExGetSharedWaiterCount
RtlInitString
ExInitializeResourceLite
KeCancelTimer
IoDisconnectInterrupt
IoQueueWorkItem
RtlEqualString
IoGetRelatedDeviceObject
RtlIntegerToUnicodeString
KeSaveFloatingPointState
ZwOpenProcess
ExGetPreviousMode
MmCanFileBeTruncated
IoDeviceObjectType
ZwCreateSection
RtlEqualUnicodeString
RtlCompareString
IoGetBootDiskInformation
KeInitializeQueue
PoSetPowerState
KeRundownQueue
RtlInitUnicodeString
RtlFindLastBackwardRunClear
strcpy
PsIsThreadTerminating
IoIsSystemThread

Exports

Exports

lirfplVL_GQ_
swlgadnnn_b___JGCHX_JSFFQnxh_spSUH_J
y__pH_QIiw_RQSUhuhqfpbb_bSPUZUh_zw_ti_TYGXANxidzl
cqS___NUTGwrf_hsgv
fhtmxgQQ
NR_sgc_c_qBKTBFjlsf_wiL_T_FCQ_HOSG_A___tc_qqud_
K_QBHGQFL__XZKZXY_QMPGm_auijlaZKCrcwv_lwyltL_

Sections

.text
Size: 26KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a7f95ed6a6e764f1cb2b2ff8b4b9d91

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 89KB

.rdata Size: 1024B - Virtual size: 924B

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 1024B - Virtual size: 996B

.text
Size: 26KB - Virtual size: 89KB

.rdata
Size: 1024B - Virtual size: 924B

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 1024B - Virtual size: 996B