89ff20817af908bf8e51855f98cb5f92037563ac7e3a1bfc8f7738be4df31e77

Sharing

Copy URL Twitter E-mail

General

Target

89ff20817af908bf8e51855f98cb5f92037563ac7e3a1bfc8f7738be4df31e77
Size

65KB
MD5

921cf986d9e76a3cb3e5e78eff577624
SHA1

ff5286087c63a26d3a8f48935e364187bef0f375
SHA256

89ff20817af908bf8e51855f98cb5f92037563ac7e3a1bfc8f7738be4df31e77
SHA512

45c0168c45984644262cfa658bb735c0dcdb565fbf335d012fbd08ef7762aa6912af37a5c5888a45f048d8f4e178f09bb8f960b8d221d63dbd865979743846f7
SSDEEP

768:8ZRA5wzN7KpKTcBxxJPUu6nqDwxqrQjRV2pmoaBDs51irTdnd3uMEPF31vLbYAg:MmwzNuIi2HjRE7KoirTdd3S1vLbYAg

Score

N/A

Malware Config

Signatures

Files

89ff20817af908bf8e51855f98cb5f92037563ac7e3a1bfc8f7738be4df31e77
.dll windows x86

b0fb258c513dc717641f5165eb2b9378

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwOpenSymbolicLinkObject
ProbeForWrite
RtlTimeToTimeFields
RtlFindLongestRunClear
ExSetResourceOwnerPointer
MmHighestUserAddress
FsRtlGetNextFileLock
RtlEqualString
IoDeleteController
ExSetTimerResolution
IoSetShareAccess
RtlxUnicodeStringToAnsiSize
RtlInitString
KeFlushQueuedDpcs
IoGetDriverObjectExtension
IoCancelIrp
FsRtlIsDbcsInExpression
RtlUnicodeStringToAnsiString
RtlxUnicodeStringToOemSize
RtlEqualUnicodeString
RtlCompareUnicodeString
RtlInitUnicodeString

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itab
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.etab
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msd3
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msd1
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msd2
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msd4
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0fb258c513dc717641f5165eb2b9378

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 10KB - Virtual size: 9KB

.itab Size: 512B - Virtual size: 92B

.idata Size: 1024B - Virtual size: 670B

.etab Size: 512B - Virtual size: 512B

.msd3 Size: 512B - Virtual size: 28B

.msd1 Size: 512B - Virtual size: 140B

.msd2 Size: 512B - Virtual size: 140B

.msd4 Size: 1024B - Virtual size: 528B

.data Size: 1KB - Virtual size: 41KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 1024B - Virtual size: 652B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 10KB - Virtual size: 9KB

.itab
Size: 512B - Virtual size: 92B

.idata
Size: 1024B - Virtual size: 670B

.etab
Size: 512B - Virtual size: 512B

.msd3
Size: 512B - Virtual size: 28B

.msd1
Size: 512B - Virtual size: 140B

.msd2
Size: 512B - Virtual size: 140B

.msd4
Size: 1024B - Virtual size: 528B

.data
Size: 1KB - Virtual size: 41KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 1024B - Virtual size: 652B