946df2b615952553f7f0f5f232b374282824ec0ee56c228819a812f588f9ec62

General

Target

946df2b615952553f7f0f5f232b374282824ec0ee56c228819a812f588f9ec62
Size

22KB
MD5

0c7092cea3892f14e14d2769e918a3b0
SHA1

d0cf8b49fc96a5a98ba3d88fe32d8591cdc6a56d
SHA256

946df2b615952553f7f0f5f232b374282824ec0ee56c228819a812f588f9ec62
SHA512

e69f818f06cec729b6aae2389fbae958a56c2621a0b4867d1f4c37fdfa4f7576fab7fc62c0ae188452fa0cb2a9ec01375f73fafe8986a763cc5514c49b77f5d9
SSDEEP

384:SU3grtq+96+HyQJVhg0duDyurnm7ODSVR63lrDmI:SJqo6RQJVhgbDDrm79VR63ZDmI

Score

N/A

Malware Config

Signatures

Files

946df2b615952553f7f0f5f232b374282824ec0ee56c228819a812f588f9ec62
.exe windows x86

5a67e3cf4954d7d13f3fb62f5e320be1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

_wcsicmp
ExInterlockedAddLargeInteger
FsRtlUninitializeLargeMcb
CcSetLogHandleForFile
ZwQueryDefaultUILanguage
RtlDeleteRange
ExInterlockedInsertTailList
RtlLookupElementGenericTableFull
RtlUpperChar
ZwDeleteValueKey
IoAttachDeviceToDeviceStack
mbtowc
wcsncmp
PsGetVersion
ExAllocatePool
KeIsExecutingDpc
CcPrepareMdlWrite
KefReleaseSpinLockFromDpcLevel
ExFreePool
KeAcquireSpinLockAtDpcLevel
KeQuerySystemTime
MmUnmapViewOfSection
FsRtlCopyWrite
KeReleaseMutex
ExInitializePagedLookasideList
ZwQueryInformationProcess
NtSetQuotaInformationFile
ZwQueryDefaultLocale

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ILIT
Size: 1024B - Virtual size: 614B

IMAGE_SCN_MEM_READ

.bac
Size: 512B - Virtual size: 260B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cab
Size: 512B - Virtual size: 52B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a67e3cf4954d7d13f3fb62f5e320be1

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 1KB

ILIT Size: 1024B - Virtual size: 614B

.bac Size: 512B - Virtual size: 260B

.cab Size: 512B - Virtual size: 52B

.data Size: 512B - Virtual size: 340B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 32B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 1KB

ILIT
Size: 1024B - Virtual size: 614B

.bac
Size: 512B - Virtual size: 260B

.cab
Size: 512B - Virtual size: 52B

.data
Size: 512B - Virtual size: 340B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 32B