b7379b0faf3005c56c8ed0b90c14f43bce51fb84e48e4c562a460eae3bcb5509 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7379b0faf3005c56c8ed0b90c14f43bce51fb84e48e4c562a460eae3bcb5509
Size

73KB
MD5

a01e9de333c0767b9f99ae6e4648f82d
SHA1

615a404650802de542b89092890f4919b2eb43b3
SHA256

b7379b0faf3005c56c8ed0b90c14f43bce51fb84e48e4c562a460eae3bcb5509
SHA512

6881d943875094f8be5db853bd6b9972b0a282f7304030a394dc91fdd61082672ecd56b9ff8b95a25c5e6361933b435ad977bb3cefaa71425449cee19ea9ed04
SSDEEP

1536:tchFwzwJTTjIv7mKlOmkq1ExVj4e9duRMsq6nm:tchUwJLIvhdkq8Vj4Asq6nm

Score

N/A

Malware Config

Signatures

Files

b7379b0faf3005c56c8ed0b90c14f43bce51fb84e48e4c562a460eae3bcb5509
.dll windows x86

1768b1afa73ade84456463c34e36ea98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoAllocateMdl
RtlInitUnicodeString
FsRtlIsNameInExpression
RtlSecondsSince1980ToTime
IoReportResourceForDetection
RtlInitString
RtlInt64ToUnicodeString
IoAllocateController
RtlEqualUnicodeString
ZwQueryVolumeInformationFile
CcIsThereDirtyData
ZwOpenFile
ExLocalTimeToSystemTime
ZwFreeVirtualMemory
CcFastCopyWrite
RtlFindClearBits
RtlUpperChar
RtlSetAllBits
ZwCreateKey
IoOpenDeviceRegistryKey
KeQueryActiveProcessors
RtlEqualString
MmIsAddressValid
ZwOpenProcess
CcDeferWrite
MmUnsecureVirtualMemory
KeQueryInterruptTime

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ