7b78f59d13eea851fcec8f8cbf0e578e5ef81d266337cceae8414a7f0b5a43bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7b78f59d13eea851fcec8f8cbf0e578e5ef81d266337cceae8414a7f0b5a43bb
Size

41KB
MD5

8450b46a1ac137bed609ed391cc2d140
SHA1

50fe7319c2973840fb672a31ff8de4d7d8af9180
SHA256

7b78f59d13eea851fcec8f8cbf0e578e5ef81d266337cceae8414a7f0b5a43bb
SHA512

a86fbcb8f6a9ba12190ddd7b799873434ad18c4a8021afad9e6a9d8b6a20de2f800f812dfaebdcd5143b6dab6c6566efdf1112bc04ed15e3126d6f05c9dfe641
SSDEEP

768:DmjGEO6zCGULvuyszKJ+q7linmj4USLGXDUomMIJ/P1gkKKV0jsIsL+:DoGG9StwK0m8ITyMm/PTVgsIsC

Score

N/A

Malware Config

Signatures

Files

7b78f59d13eea851fcec8f8cbf0e578e5ef81d266337cceae8414a7f0b5a43bb
.exe windows x86

cef77fc7e167f9d916b91b350e806f3b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmGetSystemRoutineAddress
RtlAppendUnicodeStringToString
MmIsNonPagedSystemAddressValid
RtlAnsiStringToUnicodeString
RtlInitAnsiString
ExAllocatePoolWithTag

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 254B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ