c67c8756c3a5a9b6a447d2c26710f20663fe26cead525f7e4c3b1854df3065ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c67c8756c3a5a9b6a447d2c26710f20663fe26cead525f7e4c3b1854df3065ce
Size

28KB
MD5

47ac0d528209b39d8c0b988cc4147950
SHA1

d2736c9fc60463bfe51c00a097250f7afe0d8b3d
SHA256

c67c8756c3a5a9b6a447d2c26710f20663fe26cead525f7e4c3b1854df3065ce
SHA512

b380aca78554e13e6f9e23cf065f855f7f0184e40a4cd210aa225fdabde6cc36743e2c396c26f25907977a2300ec86865e4948399761d099c5e4aff43e5584f3
SSDEEP

768:fZGPs4Ub0v/tPmSWptGaSNUxuIRpJF6vr6NM2:xGU5b0HteSGtmUxu+NNT

Score

N/A

Malware Config

Signatures

Files

c67c8756c3a5a9b6a447d2c26710f20663fe26cead525f7e4c3b1854df3065ce
.exe windows x86

ad2fd1c1d9f54ccbaea7f7c482998761

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
IofCompleteRequest
ExFreePool
_snprintf
ExAllocatePoolWithTag
_strnicmp
ObfDereferenceObject
wcslen
swprintf
wcscat
wcscpy
_stricmp
strncpy
ZwClose
ZwOpenKey
MmGetSystemRoutineAddress
_except_handler3
_itow
_wcsnicmp
strncmp
RtlCopyUnicodeString
RtlAnsiStringToUnicodeString

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 928B - Virtual size: 922B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ