2b980c9c6c670b90ff99c10a89c1b890ff4011fb9bb5fe8f552421c5d12fc413_unpacked | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b980c9c6c670b90ff99c10a89c1b890ff4011fb9bb5fe8f552421c5d12fc413_unpacked
Size

474KB
MD5

84cff41b613666c35ca121f2c89c3f81
SHA1

4965fe1e3d401fca0748479f2f69191061edb429
SHA256

2b980c9c6c670b90ff99c10a89c1b890ff4011fb9bb5fe8f552421c5d12fc413
SHA512

f6472928a77a7073485ea226fe415475e70536b75ba35826e409ee23c78c61ecab738cae19c1be288f430608b6ba153be513a7989d88fc70d680ed8d23d275c9
SSDEEP

12288:nrcIz7z1ptFYSHfbudysCv/jPWI1iZa8Zp6wOraNwlqcmGZs3HCc+:x3/tF3fC0sCv7+I1iA8Zp6wOrI5cmGZG

Score

N/A

Malware Config

Signatures

Files

2b980c9c6c670b90ff99c10a89c1b890ff4011fb9bb5fe8f552421c5d12fc413_unpacked
.exe windows x86

eee285d0fea149e40ace1568e1f33347

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeWaitForSingleObject
KeWaitForMultipleObjects
IoBuildPartialMdl
ZwOpenKey
IoCreateDevice
ZwQuerySystemInformation
IoFreeMdl
KeInitializeMutex
KeTickCount
IoAllocateMdl
KeInitializeSemaphore
IoDeleteDevice
ZwQueryValueKey
ZwClose
KeReleaseMutex
KeQuerySystemTime

Sections

.text
Size: 439KB - Virtual size: 438KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ