94d1b9056d3b1178630affd1524f75b55b5cab92b7b19f942b3669a0017e4028 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94d1b9056d3b1178630affd1524f75b55b5cab92b7b19f942b3669a0017e4028
Size

27KB
MD5

7999ec86a3b2495112cd2053630a4e00
SHA1

23d4f36d915f56da49a5c7e8c6b953eb90603619
SHA256

94d1b9056d3b1178630affd1524f75b55b5cab92b7b19f942b3669a0017e4028
SHA512

b5c5ff6f6822e8a43d3abe55373653845aa42b4e3168d18c17a95f5370b4d4f50f921a0345c20b806fade58e585e02841e7de5e7e9041c13675fe3124ce164ce
SSDEEP

768:CjSi9gAntqqdx8Wg+9KzKxlzCUwQlNEY/T26Rz2NgPDlS6:di91443rkKTjX/T2S2MxS6

Score

N/A

Malware Config

Signatures

Files

94d1b9056d3b1178630affd1524f75b55b5cab92b7b19f942b3669a0017e4028
.exe windows x86

a93826fdf72852b32b2eae2a43a8403b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

swprintf
strncpy
wcscat
wcscpy
RtlInitUnicodeString
ObfDereferenceObject
_strnicmp
ZwClose
ZwOpenKey
_wcsnicmp
wcslen
strncmp
RtlCopyUnicodeString
ExFreePool
_snprintf
ExAllocatePoolWithTag
RtlAnsiStringToUnicodeString
MmGetSystemRoutineAddress
_stricmp

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 832B - Virtual size: 816B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ