591b1de65745387b60d073fbdecc85174c5380ed1e52f90dfebeeca09fe6a662 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

591b1de65745387b60d073fbdecc85174c5380ed1e52f90dfebeeca09fe6a662
Size

64KB
MD5

824b20a147826582200951e07dcc50e4
SHA1

ab7244b282b507f0842e211205b5ef69f310bcb5
SHA256

591b1de65745387b60d073fbdecc85174c5380ed1e52f90dfebeeca09fe6a662
SHA512

5a492d43aa2b0dd6b33a4955df91ccd7be212adbd5a6db3d7813cd925fbd0caf49dc132bd669b63f31bfc1a9341c52fc2f98a332e607a245e9b986d8004715f4
SSDEEP

768:MEyMFPaTcUuyVejE9XI6nZMLnJcO/jBovJ/1hRJeL:t4tuZGYYGLJvOjp

Score

N/A

Malware Config

Signatures

Files

591b1de65745387b60d073fbdecc85174c5380ed1e52f90dfebeeca09fe6a662
.exe windows x86

79a9d986823489926cd4a8a074f9974f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
DbgPrint
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3
KeTickCount

Sections

.text
Size: 1024B - Virtual size: 1010B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ