54326b56bc62ef2ce00eab56234dabeec141be6830c0c40db6d724591f3c750a

Sharing

Copy URL

Twitter E-mail

General

Target

54326b56bc62ef2ce00eab56234dabeec141be6830c0c40db6d724591f3c750a
Size

65KB
MD5

0821562ccc9ba59c735ce9712d7d68e0
SHA1

487c3d398d220c5f5e8540117b6e587b86b2d955
SHA256

54326b56bc62ef2ce00eab56234dabeec141be6830c0c40db6d724591f3c750a
SHA512

1fc2a9574f83b8565b3bc441fe4544599934368357e67bf146fb5296b9b078688a1b4d807cff808468319752346809a61020778b4bb5071f787f417ea3f647b1
SSDEEP

768:I/Kj9KdswarIqsgdcK2+rcb/wQHJVggSa927EX0KcEcjSOSpYbPF31vLbYAg:oI9Rd1RcKzr0FJB9gJLkpo1vLbYAg

Score

N/A

Malware Config

Signatures

Files

54326b56bc62ef2ce00eab56234dabeec141be6830c0c40db6d724591f3c750a
.dll windows x86

c8acca06b12f3350a7bfca6b8bc17449

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoGetBootDiskInformation
IoCheckShareAccess
PsGetVersion
ZwMakeTemporaryObject
ExSetTimerResolution
KeCancelTimer
RtlUpcaseUnicodeString
IoDeleteSymbolicLink
RtlInitUnicodeString
RtlEqualString
RtlEqualUnicodeString
IoSetHardErrorOrVerifyDevice
RtlxAnsiStringToUnicodeSize
RtlInitString
RtlInitAnsiString
MmUnlockPagableImageSection
PoSetSystemState
IoGetRequestorProcessId
RtlStringFromGUID
RtlFindLongestRunClear

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ztest
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stest
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.srdat
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8acca06b12f3350a7bfca6b8bc17449

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 14KB - Virtual size: 13KB

.idat Size: 512B - Virtual size: 84B

.idata Size: 1024B - Virtual size: 604B

.ztest Size: 512B - Virtual size: 192B

.stest Size: 512B - Virtual size: 192B

.init Size: 10KB - Virtual size: 9KB

.srdat Size: 512B - Virtual size: 440B

.data Size: 2KB - Virtual size: 38KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 1024B - Virtual size: 536B

.text
Size: 14KB - Virtual size: 13KB

.idat
Size: 512B - Virtual size: 84B

.idata
Size: 1024B - Virtual size: 604B

.ztest
Size: 512B - Virtual size: 192B

.stest
Size: 512B - Virtual size: 192B

.init
Size: 10KB - Virtual size: 9KB

.srdat
Size: 512B - Virtual size: 440B

.data
Size: 2KB - Virtual size: 38KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 1024B - Virtual size: 536B