7f5e9bd352cb2ec2f5c960841ffb9ebc9b8b9245d1fb4b91e522ebb4c1dc059d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f5e9bd352cb2ec2f5c960841ffb9ebc9b8b9245d1fb4b91e522ebb4c1dc059d
Size

68KB
MD5

73cec1db51a1ad1875797a6550ff24df
SHA1

fbfecf0f0f9578715953322185c6375151f0bfbf
SHA256

7f5e9bd352cb2ec2f5c960841ffb9ebc9b8b9245d1fb4b91e522ebb4c1dc059d
SHA512

a395cbde3c68fa86b3c522015f8f1dc66038fb483b90317b58b50ba936692b2f00389435edfd37701cea1e59ddc2abffc8536becc7218d8588f53294a7353ede
SSDEEP

1536:WVo21SKXFx38Yy4rm5JH9qPHuDtg0a6CJt:WcK1NsSKHQPOD0x

Score

N/A

Malware Config

Signatures

Files

7f5e9bd352cb2ec2f5c960841ffb9ebc9b8b9245d1fb4b91e522ebb4c1dc059d
.exe windows x86

1ff5819930c2e9d5389b6e7957298098

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlHashUnicodeString
ExFreePoolWithTag
ExAllocatePoolWithTagPriority
IoReleaseCancelSpinLock
ExAcquireFastMutexUnsafe
KeEnterCriticalRegion
KeLeaveCriticalRegion
ExReleaseFastMutexUnsafe
WmiTraceMessage
IofCompleteRequest
ProbeForRead
IoCheckShareAccess
wcslen
ObfDereferenceObject
_except_handler3
ObReferenceObjectByHandle
IoAcquireCancelSpinLock
RtlCompareMemory
MmMapViewInSystemSpace
MmUnmapViewInSystemSpace
ExRaiseStatus
ExRaiseAccessViolation
MmUserProbeAddress
_purecall

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ