eb46fae001313e5aac77ff03ac69da0878815089ce10eb7410e24afac2e730fc

General

Target

eb46fae001313e5aac77ff03ac69da0878815089ce10eb7410e24afac2e730fc
Size

87KB
MD5

81517b2e7d9e5f885c094a07737e5a26
SHA1

99c08da0488b7fc28b75cdeb7c4d7203897593ae
SHA256

eb46fae001313e5aac77ff03ac69da0878815089ce10eb7410e24afac2e730fc
SHA512

c271b0f0801d42ea853b0346884efe90fdcfeea2ddf3fdaff08f46f6561944f22c5cb1b4f4b64d88bfe49bdb6136df1b9131d0560dd7070e2d3d34d96145f720
SSDEEP

1536:EKJUMYY4y5yCiM6bVclVUjfQxkl5KEtrSM/TSh:EYl58ncl2rQkHKEtrEh

Score

N/A

Malware Config

Signatures

Files

eb46fae001313e5aac77ff03ac69da0878815089ce10eb7410e24afac2e730fc
.dll windows x86

894ead0904a546f5877584bf3af307be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoGetTopLevelIrp
CcMapData
ExGetPreviousMode
IoGetDeviceProperty
PsCreateSystemThread
FsRtlNotifyUninitializeSync
RtlWriteRegistryValue
ObCreateObject
KeTickCount
KeEnterCriticalRegion
ZwReadFile
FsRtlIsFatDbcsLegal
IoBuildSynchronousFsdRequest
IoVerifyPartitionTable
ExRegisterCallback
KeInitializeSemaphore
SeLockSubjectContext
RtlAnsiStringToUnicodeString
RtlFindNextForwardRunClear
RtlCreateAcl
IoStartPacket
RtlGetVersion
KeSetBasePriorityThread
ExSetTimerResolution
ExRaiseAccessViolation
MmIsVerifierEnabled
SeCaptureSubjectContext
RtlCreateSecurityDescriptor
KeGetCurrentThread
CcFlushCache
IoBuildPartialMdl
KeInitializeQueue
ObReleaseObjectSecurity
ZwDeleteValueKey
FsRtlFastUnlockSingle
KeInitializeDpc
KeSetTargetProcessorDpc
KeLeaveCriticalRegion
MmUnmapReservedMapping
KeInitializeSpinLock
KeDelayExecutionThread
IoReleaseVpbSpinLock
IoDeleteDevice
ObReferenceObjectByHandle
ExDeleteResourceLite
MmMapLockedPagesSpecifyCache
ExAllocatePoolWithTag

Exports

Exports

?PutListExW@@YGPAIEH_N<V
?CallVersionOld@@YGPA_NPAHPAD<V
?FreeKeyboardA@@YGIPAJ<V
?DeleteFolderPath@@YGPAKGM_N<V
?IsDateTimeW@@YG_NJF<V
?InsertTextExA@@YGFKE<V

Sections

.text
Size: 64KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

894ead0904a546f5877584bf3af307be

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 85KB

.text
Size: 64KB - Virtual size: 85KB