81cf82a19f48f2886ab8c33193e622c3293f5d37cac797908c5c1fd5311d50c1

Sharing

Copy URL

Twitter E-mail

General

Target

81cf82a19f48f2886ab8c33193e622c3293f5d37cac797908c5c1fd5311d50c1
Size

72KB
MD5

06fd7fc23cf7fb437b4c724cb9a1768e
SHA1

1006c315b505ef34bc943d5e220686b7fa8a7a10
SHA256

81cf82a19f48f2886ab8c33193e622c3293f5d37cac797908c5c1fd5311d50c1
SHA512

cb6ca6dec528ef9f960f9d1d7da629989cc7a7ec5e40dd8c2179cfccca81725b6d0c3fcfe3773c47afbea13566e60148da8de42b024c9284b29fca33733b0f06
SSDEEP

1536:I0hnbzlq6ZTCGy9Hr8Zj49JQcDfw8xJXO3O:IOTc9HYZE9i+Y8x0e

Score

N/A

Malware Config

Signatures

Files

81cf82a19f48f2886ab8c33193e622c3293f5d37cac797908c5c1fd5311d50c1
.dll windows x86

1212e8a813666371797759da5a3797e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlCopyString
ExGetExclusiveWaiterCount
RtlValidSecurityDescriptor
KeRemoveQueueDpc
RtlFindUnicodePrefix
KeInitializeTimer
IoAcquireCancelSpinLock
ExVerifySuite
IoInvalidateDeviceState
FsRtlIsHpfsDbcsLegal
ExSystemTimeToLocalTime
FsRtlFreeFileLock
RtlFindLeastSignificantBit
KeCancelTimer
RtlInitAnsiString
KeWaitForMultipleObjects
FsRtlCheckLockForReadAccess
RtlEnumerateGenericTable
ExLocalTimeToSystemTime
IoFreeMdl
ObReferenceObjectByHandle
RtlCopyLuid

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i_txt
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e_txt
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele3
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tele2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele4
Size: 512B - Virtual size: 399B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1212e8a813666371797759da5a3797e2

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 15KB - Virtual size: 14KB

.i_txt Size: 512B - Virtual size: 92B

.e_txt Size: 512B - Virtual size: 512B

.tele3 Size: 512B - Virtual size: 28B

.tele1 Size: 512B - Virtual size: 44B

.tele2 Size: 512B - Virtual size: 44B

.tele4 Size: 512B - Virtual size: 399B

.data Size: 22KB - Virtual size: 69KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 1024B - Virtual size: 620B

.text
Size: 15KB - Virtual size: 14KB

.i_txt
Size: 512B - Virtual size: 92B

.e_txt
Size: 512B - Virtual size: 512B

.tele3
Size: 512B - Virtual size: 28B

.tele1
Size: 512B - Virtual size: 44B

.tele2
Size: 512B - Virtual size: 44B

.tele4
Size: 512B - Virtual size: 399B

.data
Size: 22KB - Virtual size: 69KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 1024B - Virtual size: 620B