f6068ea082d7fe98d9440c7fd7e3cc7f88cc2061b6c0a51cc3050ac1ef361f91

General

Target

f6068ea082d7fe98d9440c7fd7e3cc7f88cc2061b6c0a51cc3050ac1ef361f91
Size

183KB
MD5

a4d6dd296d966116240fa39687a1c0fd
SHA1

688c90e51023623ab45754c6597740542d9a8524
SHA256

f6068ea082d7fe98d9440c7fd7e3cc7f88cc2061b6c0a51cc3050ac1ef361f91
SHA512

201f03a2e6156364faa81b2a252066920d783b5ff50a0a313c28658ddf93476b1ce1d2b17aaa8100501a53d5681ecea48ad01c37c2f2f4c014b64dbbada4b226
SSDEEP

3072:MTQ/iXjoSGkAbNRXtqL4Of/E+7mslheiHsI/U+owztYcegkZq9lz7VOfy+1iVyE7:MTSvBZkL4OHE+a6hgiU+dOgaq9lz7Vdb

Score

N/A

Malware Config

Signatures

Files

f6068ea082d7fe98d9440c7fd7e3cc7f88cc2061b6c0a51cc3050ac1ef361f91
.dll windows x86

5415d4c7c0522370c3bae89b6de45c77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInsertUnicodePrefix
SeImpersonateClientEx
RtlAreBitsSet
CcPinMappedData
IoFreeMdl
MmUnmapReservedMapping
RtlCompareUnicodeString
KeReleaseMutex
CcUninitializeCacheMap
IoGetDeviceProperty
IoRemoveShareAccess
RtlNtStatusToDosError
SeCaptureSubjectContext
KeLeaveCriticalRegion
PoCallDriver
IoSetHardErrorOrVerifyDevice
ZwSetValueKey
IofCompleteRequest
KeTickCount
RtlPrefixUnicodeString
ZwCreateKey
RtlInitializeUnicodePrefix
RtlFindLeastSignificantBit
IoGetTopLevelIrp
RtlWriteRegistryValue
IoVerifyPartitionTable
IoCheckEaBufferValidity
IoWMIRegistrationControl
KeGetCurrentThread
KeEnterCriticalRegion
ExDeleteResourceLite
RtlTimeToSecondsSince1970
FsRtlIsHpfsDbcsLegal
CcRepinBcb
KeCancelTimer
ExAllocatePool
MmUnsecureVirtualMemory
ExSetResourceOwnerPointer
ObfReferenceObject
RtlValidSid
ExVerifySuite
RtlCreateSecurityDescriptor
RtlFreeAnsiString
ProbeForRead
IoSetPartitionInformationEx
ObReferenceObjectByPointer
IoReleaseVpbSpinLock
RtlAnsiCharToUnicodeChar
RtlDelete
IoGetAttachedDevice
MmSetAddressRangeModified
IoAllocateErrorLogEntry
CcPreparePinWrite

Exports

Exports

?IsCommandLine@@YGXI<V
?RemoveSystemExW@@YGPAXPAHK<V
?SetSectionA@@YGIMGJ<V
?PutDialogOriginal@@YGXE<V
?RemoveRect@@YGDKPA_N<V
?DecrementDirectoryOriginal@@YGGPAKPAEH<V

Sections

.text
Size: 64KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5415d4c7c0522370c3bae89b6de45c77

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 83KB

.text
Size: 64KB - Virtual size: 83KB