0aa8b14462189d257a4e9c38da8887e6f46658a9192ebec211ea58386c733bb3

General

Target

0aa8b14462189d257a4e9c38da8887e6f46658a9192ebec211ea58386c733bb3
Size

183KB
MD5

0f42f8ca9ca604c4e2785ff9d2232ff1
SHA1

c54b363dbbd845629aa2fe56cf516ecb6ed3d971
SHA256

0aa8b14462189d257a4e9c38da8887e6f46658a9192ebec211ea58386c733bb3
SHA512

dc2b48d6a39e2ca750faa1001ad5e897000c2b045d77fd8d6e2a13c97d3ca455d30de4a11d64099b15ef27152150a282a315029c0c0aabf1575b6c46ae2a943e
SSDEEP

3072:rX/4L8gCAzrWy//E+7mslheiHsI/U+owztYcegkZq9lz7VOfy+1iVyEdQlK5z:rPIpxWynE+a6hgiU+dOgaq9lz7VdPyE7

Score

N/A

Malware Config

Signatures

Files

0aa8b14462189d257a4e9c38da8887e6f46658a9192ebec211ea58386c733bb3
.dll windows x86

d91fc92bb805630b812c3f3b8baeace0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoGetRelatedDeviceObject
MmCanFileBeTruncated
ZwSetSecurityObject
IoGetRequestorProcess
RtlFillMemoryUlong
CcFlushCache
RtlExtendedIntegerMultiply
PsRevertToSelf
MmResetDriverPaging
IoInitializeRemoveLockEx
FsRtlNotifyUninitializeSync
IoStartNextPacket
KeReleaseMutex
IoInvalidateDeviceState
RtlDelete
RtlQueryRegistryValues
RtlCreateAcl
ObReferenceObjectByHandle
ZwReadFile
RtlSetDaclSecurityDescriptor
IoCheckEaBufferValidity
PsSetLoadImageNotifyRoutine
ExReleaseResourceLite
ZwWriteFile
ExDeleteNPagedLookasideList
IoReuseIrp
MmFreeNonCachedMemory
RtlSubAuthoritySid
strlen
RtlCheckRegistryKey
KeInitializeQueue
ObQueryNameString
IoGetStackLimits
PsGetProcessId
SeSetSecurityDescriptorInfo
PoCallDriver
IoQueryFileInformation

Sections

.fgghg
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uytu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmem
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d91fc92bb805630b812c3f3b8baeace0

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.fgghg Size: 1024B - Virtual size: 776B

.text Size: 29KB - Virtual size: 29KB

.uytu Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 876B

.vmem Size: - Virtual size: 8KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 1KB - Virtual size: 1KB

.fgghg
Size: 1024B - Virtual size: 776B

.text
Size: 29KB - Virtual size: 29KB

.uytu
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 876B

.vmem
Size: - Virtual size: 8KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 1KB - Virtual size: 1KB