73fc5493ef55d43e60ea923da94b9f7faff0968ac37fc5eb6bb7653607d1410d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73fc5493ef55d43e60ea923da94b9f7faff0968ac37fc5eb6bb7653607d1410d
Size

23KB
MD5

1a651146fb0449de9f56541f892e6764
SHA1

9d1b00b0e26cd281d36a34b149cad67592a15f2d
SHA256

73fc5493ef55d43e60ea923da94b9f7faff0968ac37fc5eb6bb7653607d1410d
SHA512

49fa1ba56dc356966ab69abc5558fd2079d0732f44d5637ce5da577acda2baa56d0efae8ae4a1cac6d305aa388ad628b354745afb9a456fd295c7eed53e4da72
SSDEEP

384:nymBoq29o/gsH+5LS6QWwJKUL0scNtPZkAWRa7dqIGJ7GlVjrB8DcovIOuXf4kY4:nvKl9o/geWMz4sCh6/qVCZ2+14

Score

N/A

Malware Config

Signatures

Files

73fc5493ef55d43e60ea923da94b9f7faff0968ac37fc5eb6bb7653607d1410d
.exe windows x86

900d7464fa900d11a52188f82f97262a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwClose
ZwCreateFile
RtlInitUnicodeString
IoRegisterDriverReinitialization
MmIsAddressValid
ZwUnmapViewOfSection
strncmp
IoGetCurrentProcess
_wcsnicmp
wcslen
swprintf
PsGetVersion
_wcslwr
wcsncpy
ZwEnumerateKey
ZwSetValueKey
ZwOpenKey
RtlAnsiStringToUnicodeString
_snprintf
ExFreePool
ExAllocatePoolWithTag
ZwQuerySystemInformation
ZwMapViewOfSection
ZwCreateSection
ZwOpenFile
KeDelayExecutionThread
ZwCreateKey
wcscat
wcscpy
PsTerminateSystemThread
PsCreateSystemThread
_stricmp
strncpy
PsLookupProcessByProcessId
KeInitializeTimer
IofCompleteRequest
PsSetCreateProcessNotifyRoutine
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 960B - Virtual size: 958B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 640B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ