bbc326da0462bddf11c5cb07f0f9a5af7971f28c140a62e9f5e9f0d425878054 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbc326da0462bddf11c5cb07f0f9a5af7971f28c140a62e9f5e9f0d425878054
Size

474KB
MD5

76316e82bdfd0b24a4aaa638e2f7c3da
SHA1

637d697989b5995038d4e4638e99527949951d49
SHA256

bbc326da0462bddf11c5cb07f0f9a5af7971f28c140a62e9f5e9f0d425878054
SHA512

e06cf29e8fe553d0a75b3bdc8a4f1f9ed01f9b8a620c5bf35b18e7cea652cd722e7177aeba36f0e3cd3101ec72f69895fd929dacf321e7893e2a7432b34fe252
SSDEEP

12288:LCrRSs2PEc+QZpUBJ1vrABGI3FJSJ2reEZp:LC9SDHvZYJ1vrAZFJS8e

Score

N/A

Malware Config

Signatures

Files

bbc326da0462bddf11c5cb07f0f9a5af7971f28c140a62e9f5e9f0d425878054
.exe windows x64

f75c98f7690ec653cbdaab2f6efe94d2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

ZwQuerySystemInformation
KeWaitForSingleObject
ZwOpenKey
ZwQueryValueKey
IoCreateDevice
IoAllocateMdl
IoFreeMdl
KeInitializeSemaphore
KeReleaseMutex
KeInitializeMutex
ZwClose
IoDeleteDevice
IoBuildPartialMdl
KeWaitForMultipleObjects

Sections

.text
Size: 444KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ