e2d331a749a955bfb24d84cc9924625c39870b6667ad85c47ffd6c9de1c8f0ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2d331a749a955bfb24d84cc9924625c39870b6667ad85c47ffd6c9de1c8f0ac
Size

32KB
MD5

0a2db6690f34243ed5c7b591a74cc580
SHA1

414b8323758cb6fbb71afc6e6c496f68757d007a
SHA256

e2d331a749a955bfb24d84cc9924625c39870b6667ad85c47ffd6c9de1c8f0ac
SHA512

a1be8f75810b1fdf47741b1d2b3c8508af00b2a27702866988da9e02229e24ac10e4b874dbfcf26b169ee7be996418a98506bd296c02df3fd236a3b72ebe9ff4
SSDEEP

384:MFbSJWXnP/6DceGilMQPVK64qslXdqCvvC3YCKNCzCdvCa:mOWXP/Gc2GQguul

Score

N/A

Malware Config

Signatures

Files

e2d331a749a955bfb24d84cc9924625c39870b6667ad85c47ffd6c9de1c8f0ac
.exe windows x86

d24c432078fe6596702e8bc864ce9ba3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString

Sections

.text
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 308B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ