aa0c502378636d86b6162953ca58a1f3d3504feecbd17e25164b8f4d47745a9d_unpacked | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa0c502378636d86b6162953ca58a1f3d3504feecbd17e25164b8f4d47745a9d_unpacked
Size

473KB
MD5

66c75e9f2cbba6a37b0ea212cda7a99b
SHA1

021a2f53f4733184d9f3923a23e9874f9fbbd8d6
SHA256

aa0c502378636d86b6162953ca58a1f3d3504feecbd17e25164b8f4d47745a9d
SHA512

9361f64f168971265d953a35ec998d43533d17e55e6bdd4903f9e72239f48090dbf29e1cc5e0ebbcf371f373823a28ba4c9e1be71bdfc0c403295e49a805d05f
SSDEEP

6144:Q4FNMIW6+lYllOyimyit1OS+wYbUivIPF/k/5ouVhwFYZ:QFIBpimyit12ZwPF/kRjhw

Score

N/A

Malware Config

Signatures

Files

aa0c502378636d86b6162953ca58a1f3d3504feecbd17e25164b8f4d47745a9d_unpacked
.exe windows x86

f5e54b68ad1e436c456f4e55542ec686

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
ZwOpenKey
KeWaitForMultipleObjects
ZwQuerySystemInformation
IoAllocateMdl
KeInitializeSemaphore
ZwClose
IoCreateDevice
IoBuildPartialMdl
KeTickCount
KeInitializeMutex
KeQuerySystemTime
KeReleaseMutex
KeWaitForSingleObject
IoFreeMdl
ZwQueryValueKey

Sections

.text
Size: 438KB - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ