e771686661c5ffc9353b6fcc2ffebf7cdc42ca3877ebc34ad709cefdce7ef4af

General

Target

e771686661c5ffc9353b6fcc2ffebf7cdc42ca3877ebc34ad709cefdce7ef4af
Size

445KB
MD5

91f39f9215f04c53c75663933665ec8a
SHA1

e6c359f4301a3a2e2cc4543edb7ec838a701429c
SHA256

e771686661c5ffc9353b6fcc2ffebf7cdc42ca3877ebc34ad709cefdce7ef4af
SHA512

3e33c6fbc60c3cf95476efdcb612fc62b84610c40a5620c30d1eb5207bdd96e4f4c7ea29e565650cb2e0493660f77fa4a79f7f86fa671439d75ea185614896d9
SSDEEP

12288:rOKlQbBtKy4LE4wxubJ2Li73ZpjgRdKWQ:D2iW/MbJ2LO3ZpkRIx

Score

N/A

Malware Config

Signatures

Files

e771686661c5ffc9353b6fcc2ffebf7cdc42ca3877ebc34ad709cefdce7ef4af
.dll windows x86

6ab6d10600738d78b24bd66c0039f9a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

CcUnpinData
CcInitializeCacheMap
ObfReferenceObject
IoGetTopLevelIrp
IoQueryFileInformation
RtlCreateSecurityDescriptor
IoReleaseRemoveLockAndWaitEx
ProbeForRead
RtlEqualSid
PoCallDriver
IoWritePartitionTableEx
RtlUpperString
RtlUnicodeStringToInteger
RtlOemToUnicodeN
CcPinRead
ExCreateCallback
MmProbeAndLockProcessPages
KeInitializeEvent
ExAllocatePoolWithQuotaTag
RtlMultiByteToUnicodeN
RtlNtStatusToDosError
IoCheckShareAccess
KePulseEvent
CcCopyWrite
KeTickCount
KeEnterCriticalRegion
CcFastCopyWrite
RtlUnicodeToOemN
KeLeaveCriticalRegion
FsRtlSplitLargeMcb
FsRtlIsTotalDeviceFailure
ZwDeleteKey
MmIsThisAnNtAsSystem
SeCaptureSubjectContext
RtlWriteRegistryValue
KeInitializeTimer
RtlGetNextRange
RtlTimeToTimeFields
PsGetCurrentThreadId
RtlUpcaseUnicodeString
IoGetDeviceObjectPointer
KeSetPriorityThread
IoStartTimer
KeGetCurrentThread
IoBuildSynchronousFsdRequest
SeDeassignSecurity
IoGetRequestorProcess
KeReadStateSemaphore
KeQuerySystemTime

Exports

Exports

?RtlComponentOriginal@@YGPAXGPAEPAG<V
?IsHeaderExA@@YGPAJ_NKFPAK<V
?IncrementAppNameOriginal@@YGPAXH<V
?IncrementThreadOld@@YG_NPAFNE<V
?DecrementProcess@@YGFEJ<V
?Event@@YGKPAGPAM<V

Sections

.text
Size: 65KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ab6d10600738d78b24bd66c0039f9a4

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 97KB

.text
Size: 65KB - Virtual size: 97KB