10722e16fc42bf69f12db1fcd19f5f3dfb2d32a3e2841370770066d2b2e47af1

General

Target

10722e16fc42bf69f12db1fcd19f5f3dfb2d32a3e2841370770066d2b2e47af1
Size

70KB
MD5

920e99edc26294f2ba66ab4d5d9c22bf
SHA1

d3d55f3eafb15f9bebe8dbdc5a96532710d322a9
SHA256

10722e16fc42bf69f12db1fcd19f5f3dfb2d32a3e2841370770066d2b2e47af1
SHA512

7bbb03e6cba0663a8902353979e632a187769e8bd38365be22c91686b0ec3f42348da9fd3390ee5aeca5d51f92ba29e92f6eaa24bf1dc0c96f4e7e5f08732dd1
SSDEEP

1536:E3G4gAxTCTZ7nfbFI99zuZwIRjOYDgr4FZXrL9J:xKUlfbFI95uZwIRj5DdZ7

Score

N/A

Malware Config

Signatures

Files

10722e16fc42bf69f12db1fcd19f5f3dfb2d32a3e2841370770066d2b2e47af1
.dll windows x86

571dd8aeff3405f93d1f04aaa167377a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

SeCaptureSubjectContext
SeDeleteObjectAuditAlarm
CcDeferWrite
IoBuildPartialMdl
IoFreeIrp
SeTokenIsRestricted
IoCheckShareAccess
IoGetLowerDeviceObject
ZwCreateSection
ZwQuerySymbolicLinkObject
KeEnterCriticalRegion
FsRtlNotifyInitializeSync
IoGetInitialStack
IoWMIRegistrationControl
ZwOpenSymbolicLinkObject
KeReadStateTimer
IoDeviceObjectType
KeGetCurrentThread
RtlGetVersion
MmUnlockPages
IoGetDmaAdapter
RtlUnicodeStringToInteger
SeSetSecurityDescriptorInfo
RtlUpcaseUnicodeString
ExIsProcessorFeaturePresent
RtlIsNameLegalDOS8Dot3
CcGetFileObjectFromBcb
KeInitializeDeviceQueue
ObfReferenceObject
KeDetachProcess
MmCanFileBeTruncated
ObReferenceObjectByPointer
IoThreadToProcess
KeTickCount
IoGetAttachedDevice
IofCallDriver
IoGetDeviceInterfaceAlias
FsRtlDeregisterUncProvider
IoInitializeIrp
DbgBreakPoint
KeLeaveCriticalRegion
RtlCreateSecurityDescriptor
ZwOpenFile
KeInsertByKeyDeviceQueue
IoVerifyVolume
IoDeleteController
CcMdlRead

Exports

Exports

?IsNotPenEx@@YGPAFIGPAJG<V
?DeleteDirectory@@YGXEPAGME<V
?IsNotCommandLineW@@YGPAIGMPAF<V
?PutMessageEx@@YGMPA_N<V
?PutObject@@YGPADFPAMPAJPA_N<V
?EnumConfigExW@

Sections

.text
Size: 65KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

571dd8aeff3405f93d1f04aaa167377a

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 89KB

.text
Size: 65KB - Virtual size: 89KB