43a7f0ec98b2fc83bd33f5c4e27e0480ea5858ce61ffab3daea33d97406ecf55 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43a7f0ec98b2fc83bd33f5c4e27e0480ea5858ce61ffab3daea33d97406ecf55
Size

2KB
MD5

4a180e224a002f2d26edf0d8f07835b0
SHA1

2a57ac04cd6d1e1c66a0ab26962cea0b1981c662
SHA256

43a7f0ec98b2fc83bd33f5c4e27e0480ea5858ce61ffab3daea33d97406ecf55
SHA512

37f0a874d7130ec69bd01fe7ea0c7975a841806a225a9726a4cea9e08e4a3891331c0ddb9a27c1736bbeff2b4f343ae11b7c1cd617ccb8d3dc254465b61dbd2f

Score

N/A

Malware Config

Signatures

Files

43a7f0ec98b2fc83bd33f5c4e27e0480ea5858ce61ffab3daea33d97406ecf55
.exe windows x86

5705b819af08b21e2517b0ad80b4069e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
DbgPrint
ObfDereferenceObject
KeInsertQueueApc
KeInitializeApc
ExAllocatePoolWithTag
ObReferenceObjectByPointer
PsThreadType
PsLookupThreadByThreadId
ZwClose
ZwTerminateProcess
ObOpenObjectByPointer
PsLookupProcessByProcessId
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
ExFreePo

Sections

.text
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 384B - Virtual size: 333B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 896B - Virtual size: 830B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ