7e98ba0170615900b7ddd5f972ee1138204d7f148a02d5eb136ce1d18c419691 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7e98ba0170615900b7ddd5f972ee1138204d7f148a02d5eb136ce1d18c419691
Size

73KB
MD5

068448f0398828e4020392ccf0e85605
SHA1

8a6fda0543d18c5e7d2f30b3ced10873931da062
SHA256

7e98ba0170615900b7ddd5f972ee1138204d7f148a02d5eb136ce1d18c419691
SHA512

d27aeb484585b10e0cf08af3d23a1a2591a98bf6007f63de43f32bbf7cb5b1e082568787f6be1530b5a074adc35a4d64e95c32116f08c0ec76ed4f3d315c4d91
SSDEEP

1536:rOwjr+J1rTxPgQ36tEtrDmMD6oqjYuMe4f4G:rprmrtPgi5DmMD/qj04G

Score

N/A

Malware Config

Signatures

Files

7e98ba0170615900b7ddd5f972ee1138204d7f148a02d5eb136ce1d18c419691
.dll windows x86

fd6e39bea21382c4c36b32f4c64e3d1d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeSaveFloatingPointState
RtlCompareString
KeReleaseSemaphore
KeCancelTimer
IoOpenDeviceRegistryKey
RtlIntegerToUnicodeString
KeInsertDeviceQueue
IoCreateStreamFileObjectLite
RtlInitUnicodeString
IoGetStackLimits
ExReinitializeResourceLite
RtlInitString
IoIsWdmVersionAvailable
KeInsertByKeyDeviceQueue
RtlEqualUnicodeString
ZwReadFile
KeInitializeTimerEx
ExGetExclusiveWaiterCount
RtlFindLeastSignificantBit
strncpy
RtlEqualString
ExGetSharedWaiterCount
FsRtlMdlWriteCompleteDev
RtlCharToInteger
RtlMultiByteToUnicodeN
ZwQueryValueKey
IoAttachDeviceToDeviceStack

Sections

.text
Size: 25KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ