43483385f68ad88901031ce226df45b217e8ba555916123ab92f63a97aef1d0e_unpacked | Triage

Sharing

Copy URL Twitter E-mail

General

Target

43483385f68ad88901031ce226df45b217e8ba555916123ab92f63a97aef1d0e_unpacked
Size

478KB
MD5

264a210bf6bdded5b4e35f93eca980c4
SHA1

8f6ff0dd9b38c633e6f13bde24ff01ab443191f6
SHA256

ddb82094dec1fc7feaa4d987aee9cc0ec0e5d3eb26ba9264bb6ad4aa750ae167
SHA512

6ceedf1912d6dcf1fdb409fb94566bf65a788065ed01282c7e5fc7d6b1bcba6e6489008466e084f64d1698ceff71a707e8c020040cc03ccce3ee095f8ea9da35
SSDEEP

12288:hZiPusaykhBqE9BmzPsNURR8BRf8kn87oWLkryrs9E:SxaykvqUB7URRx

Score

N/A

Malware Config

Signatures

Files

43483385f68ad88901031ce226df45b217e8ba555916123ab92f63a97aef1d0e_unpacked
.exe windows x64

0c19302a051f41ba0465b33574082059

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

KeWaitForMultipleObjects
ZwClose
ZwQuerySystemInformation
IoAllocateMdl
IoBuildPartialMdl
IoCreateDevice
ZwQueryValueKey
IoFreeMdl
KeReleaseMutex
KeInitializeMutex
IoDeleteDevice
KeWaitForSingleObject
KeInitializeSemaphore
ZwOpenKey

Sections

.text
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ