97f7c31ab538aac9181e478adc1fb3409146b5e09f15dce1de35cddc8fdc8f89 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97f7c31ab538aac9181e478adc1fb3409146b5e09f15dce1de35cddc8fdc8f89
Size

12KB
MD5

061649ee2e0cab4a0206a44d220bf2b0
SHA1

324369c1a62ad5494d393cb0d8768f6f72eb3115
SHA256

97f7c31ab538aac9181e478adc1fb3409146b5e09f15dce1de35cddc8fdc8f89
SHA512

308450eb6581c23768bcef5a2ffb1fec30b3cb865dcf5dd8618b327b30e096d9f5f50066cb3ac6606d2ee1e6fc3922796cc4efec086669becf66fff17ede907a
SSDEEP

192:bTjv3MGmW9kJFK8oQVgWHpTrUkJ15Z6kA1+xWFrtgKH/pI7v51oWQxQ3tj:bTj/MGTegAgW93JyzFZLH/pQh1UxO

Score

N/A

Malware Config

Signatures

Files

97f7c31ab538aac9181e478adc1fb3409146b5e09f15dce1de35cddc8fdc8f89
.exe windows x86

ea6dafdfecde0223e6b812296cd2492f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

DbgBreakPoint
ExAllocatePool
ExAllocatePoolWithTag
ExFreePool
KdDisableDebugger
KdEnableDebugger
KeBugCheckEx
KeWaitForMultipleObjects
KeWaitForSingleObject
MmGetSystemRoutineAddress
MmMapIoSpace
MmUnmapIoSpace
memmove
KeServiceDescriptorTable
DbgPrint

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 224B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 416B - Virtual size: 410B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 864B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ