d8a7fefc83a59b3f6b622243694d431b4db3018ce21da0a7fc5c5c59a361966d

General

Target

d8a7fefc83a59b3f6b622243694d431b4db3018ce21da0a7fc5c5c59a361966d
Size

331KB
MD5

636d4c17b7918ef933ceb05f317819b7
SHA1

083b6294ff955d06a8e5673219d645d006b8a63d
SHA256

d8a7fefc83a59b3f6b622243694d431b4db3018ce21da0a7fc5c5c59a361966d
SHA512

851290ed0d7f7b0193219823bac764932df331fc0fe28ff4908d9fa0668b8e021cc42ecaa366c854159b15b2908f34a3774141ed154be85557d324af66fca63b
SSDEEP

6144:p4DSCi/zznv4sGA8sxWae6u2Bya/rtU61I+AK3uK6HxjnLJtQodWihh18:SmCWLus4ae6lyap1I+Ayu7HxjnLbQU8

Score

N/A

Malware Config

Signatures

Files

d8a7fefc83a59b3f6b622243694d431b4db3018ce21da0a7fc5c5c59a361966d
.dll windows x86

b5eef883b759a53f1a0caa357291350d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExSetTimerResolution
IoAllocateErrorLogEntry
KeInitializeDpc
RtlUnicodeStringToOemString
RtlGetVersion
SeCaptureSubjectContext
IoVerifyPartitionTable
ExGetPreviousMode
ZwReadFile
KeEnterCriticalRegion
IoDeleteDevice
KeInitializeSemaphore
RtlCreateAcl
FsRtlNotifyUninitializeSync
RtlInitializeGenericTable
CcFlushCache
IoBuildPartialMdl
MmIsVerifierEnabled
ExDeleteResourceLite
IoReleaseVpbSpinLock
PsCreateSystemThread
KeInitializeQueue
KeDelayExecutionThread
FsRtlIsFatDbcsLegal
RtlCreateSecurityDescriptor
ExRegisterCallback
ObReferenceObjectByHandle
IoStartPacket
ObCreateObject
SeLockSubjectContext
IoGetDeviceProperty
KeGetCurrentThread
KeSetTargetProcessorDpc
RtlFindNextForwardRunClear
ZwDeleteValueKey
RtlWriteRegistryValue
IoGetInitialStack
CcMapData
KeTickCount
MmUnmapReservedMapping
FsRtlFastUnlockSingle
KeSetBasePriorityThread
ExAllocatePoolWithTag
KeInitializeSpinLock
KeLeaveCriticalRegion
ExRaiseAccessViolation
ObReleaseObjectSecurity
IoBuildSynchronousFsdRequest
MmMapLockedPagesSpecifyCache

Exports

Exports

?IsValidPointer@@YGPAIEH<V
?CallVersionOld@@YGPA_NPAHPAD<V
?IsNotStringW@@YGMIPAJ<V
?FormatDeviceEx@@YGHM<V
?IsDateTimeW@@YG_NJF<V
?InsertTextExA@@YGFKE<V

Sections

.text
Size: 65KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b5eef883b759a53f1a0caa357291350d

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 91KB

.text
Size: 65KB - Virtual size: 91KB