fd37f1b767a77effdd1af65a35c1bea756d4b677f34bf13639ab1aefdddae4ae

General

Target

fd37f1b767a77effdd1af65a35c1bea756d4b677f34bf13639ab1aefdddae4ae
Size

135KB
MD5

9664b3be2713cf6185a1feb632ee6fc8
SHA1

941d35aa5901fd6c17b41f9cec0274d6533ecf37
SHA256

fd37f1b767a77effdd1af65a35c1bea756d4b677f34bf13639ab1aefdddae4ae
SHA512

1f796f24bf1a2876e2a3be7f863d7bc3749b338881f4832f865516fcb676fb4c81bff79d670b7a7da3489a127b5530d4236f6d6aa019cab921fbd4ecf1b17918
SSDEEP

3072:5I8DaiU+XQSMlAi0Gv7YHZE76VuLFUSfSEp:5iDSZi5YHaVLa7

Score

N/A

Malware Config

Signatures

Files

fd37f1b767a77effdd1af65a35c1bea756d4b677f34bf13639ab1aefdddae4ae
.dll windows x86

b5eef883b759a53f1a0caa357291350d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExSetTimerResolution
IoAllocateErrorLogEntry
KeInitializeDpc
RtlUnicodeStringToOemString
RtlGetVersion
SeCaptureSubjectContext
IoVerifyPartitionTable
ExGetPreviousMode
ZwReadFile
KeEnterCriticalRegion
IoDeleteDevice
KeInitializeSemaphore
RtlCreateAcl
FsRtlNotifyUninitializeSync
RtlInitializeGenericTable
CcFlushCache
IoBuildPartialMdl
MmIsVerifierEnabled
ExDeleteResourceLite
IoReleaseVpbSpinLock
PsCreateSystemThread
KeInitializeQueue
KeDelayExecutionThread
FsRtlIsFatDbcsLegal
RtlCreateSecurityDescriptor
ExRegisterCallback
ObReferenceObjectByHandle
IoStartPacket
ObCreateObject
SeLockSubjectContext
IoGetDeviceProperty
KeGetCurrentThread
KeSetTargetProcessorDpc
RtlFindNextForwardRunClear
ZwDeleteValueKey
RtlWriteRegistryValue
IoGetInitialStack
CcMapData
KeTickCount
MmUnmapReservedMapping
FsRtlFastUnlockSingle
KeSetBasePriorityThread
ExAllocatePoolWithTag
KeInitializeSpinLock
KeLeaveCriticalRegion
ExRaiseAccessViolation
ObReleaseObjectSecurity
IoBuildSynchronousFsdRequest
MmMapLockedPagesSpecifyCache

Exports

Exports

?IsValidPointer@@YGPAIEH<V
?CallVersionOld@@YGPA_NPAHPAD<V
?IsNotStringW@@YGMIPAJ<V
?FormatDeviceEx@@YGHM<V
?IsDateTimeW@@YG_NJF<V
?InsertTextExA@@YGFKE<V

Sections

.text
Size: 65KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b5eef883b759a53f1a0caa357291350d

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 91KB

.text
Size: 65KB - Virtual size: 91KB