b25d531ec0524af539a2dff0a3d3d4530ee3496e640f24951bbb28a0cc169c8e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b25d531ec0524af539a2dff0a3d3d4530ee3496e640f24951bbb28a0cc169c8e
Size

73KB
MD5

2e159dac1b22a1fdad13efcd2c3261d4
SHA1

d688764361fb3716690c7d08ed198a409f36ad8c
SHA256

b25d531ec0524af539a2dff0a3d3d4530ee3496e640f24951bbb28a0cc169c8e
SHA512

4b8309cab2f2d4640ffbbbe49c74e3ce2bbe7f4da82b568d8eb431a43464b1859224f7e4b360a52c2ba91db54276bedfa877476e0943e656e64a6a2a82bbbf17
SSDEEP

1536:UZFRkKG0ZNiA121/G120LPQvNaclqczV9duRMsq6nm:roZNi9JaT0fJPsq6nm

Score

N/A

Malware Config

Signatures

Files

b25d531ec0524af539a2dff0a3d3d4530ee3496e640f24951bbb28a0cc169c8e
.dll windows x86

9dcf89cd00888458ab34262dd4c763a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExUnregisterCallback
RtlInitUnicodeString
ExCreateCallback
KeDelayExecutionThread
PsGetCurrentThreadId
RtlEqualUnicodeString
RtlUpperChar
RtlTimeFieldsToTime
RtlInitString
SeQueryInformationToken
RtlValidSid
MmForceSectionClosed
ZwOpenProcess
KeInitializeApc
RtlSetAllBits
FsRtlIsFatDbcsLegal
IoOpenDeviceRegistryKey
PsSetLoadImageNotifyRoutine
CcSetBcbOwnerPointer
RtlEqualString
ExDeleteResourceLite

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ