d4c72f51b4b641c73ad259ee8bbab6f80883cb43766a3034a673326910204503

Sharing

Copy URL Twitter E-mail

General

Target

d4c72f51b4b641c73ad259ee8bbab6f80883cb43766a3034a673326910204503
Size

47KB
MD5

5b7012f859a05332b6230c6589a57095
SHA1

5f4bfadb8e64a7ee4161dd981176a816bdea955d
SHA256

d4c72f51b4b641c73ad259ee8bbab6f80883cb43766a3034a673326910204503
SHA512

6258ffd98fd4f12c85139b3f2f78bcac4edd77f16af5e330ceea8c3151272c75e618e78719741186089dfb3b1b0af61e42d3a574a4c9f5c47015f9dd9423ea96
SSDEEP

768:MLecAJmhWIrpee7zRsQzsGmJPp67+ixIyR9NOXCfOgvNxvExTaw+HTd+TqA7:LcAJ5I179siCEO6NOERvIaw+HT8eA

Score

N/A

Malware Config

Signatures

Files

d4c72f51b4b641c73ad259ee8bbab6f80883cb43766a3034a673326910204503
.dll windows x86

09d077c101dd05707e9fadbbfa2c04fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwFlushKey
ZwOpenSection
IoCreateStreamFileObjectLite
RtlUnicodeToOemN
KeFlushQueuedDpcs
PoUnregisterSystemState
ExReleaseFastMutexUnsafe
MmIsDriverVerifying
RtlSecondsSince1970ToTime
IoConnectInterrupt
IoCreateSymbolicLink
PoSetPowerState
RtlUpperChar
ExRaiseAccessViolation
KeReadStateSemaphore
IoDeviceObjectType
ExIsProcessorFeaturePresent
KeDeregisterBugCheckCallback
ZwOpenKey
KdEnableDebugger

Exports

Exports

?NfdhpsxmawptmHmWTUFcQ@@YGEF@Z
?ycMxEHwtgifjp@@YGPAKIJ@Z
?dwuVFuCujxvyUEkbLfSCeu@@YGPAXGPAJ@Z

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 606B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbgdir
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbg
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09d077c101dd05707e9fadbbfa2c04fa

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.idata Size: 1024B - Virtual size: 606B

.dbgdir Size: 512B - Virtual size: 512B

.dbg Size: 512B - Virtual size: 512B

.xdata Size: 18KB - Virtual size: 18KB

INIT Size: 11KB - Virtual size: 11KB

INIT Size: 512B - Virtual size: 446B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.idata
Size: 1024B - Virtual size: 606B

.dbgdir
Size: 512B - Virtual size: 512B

.dbg
Size: 512B - Virtual size: 512B

.xdata
Size: 18KB - Virtual size: 18KB

INIT
Size: 11KB - Virtual size: 11KB

INIT
Size: 512B - Virtual size: 446B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB