f0259a390e7b39da40d36ac6e9385ffc40b8a840e208fd116ac1ca4fe2a9a2d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0259a390e7b39da40d36ac6e9385ffc40b8a840e208fd116ac1ca4fe2a9a2d1
Size

40KB
MD5

927c9d8eb4f16961e59111850869957c
SHA1

39d03c93d8fb3a5867dd45d04b635ea84fa3b59a
SHA256

f0259a390e7b39da40d36ac6e9385ffc40b8a840e208fd116ac1ca4fe2a9a2d1
SHA512

3f339e816d7614b5e2056d96e105fa04df7b002a65aa3f0583fbacf62e6fff5431b81d2b7433fd6126e6ae75ce52a46ef8816fe2b6722cb0f27e8a940ed1e460
SSDEEP

768:91H3ydw+LJX9yqHnV88rx2dU3s68vqTKctPzQJSzbqV:91H3yWwJQKp3sjqTttM4m

Score

N/A

Malware Config

Signatures

Files

f0259a390e7b39da40d36ac6e9385ffc40b8a840e208fd116ac1ca4fe2a9a2d1
.exe windows x86

b0bd9c6c5d443fe604a7ffe9b10dedda

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
PsProcessType
PsThreadType
KeTickCount
ZwFlushKey

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 256B - Virtual size: 242B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ