2297a382691691be6f8498a8c6f35a70048505c6aded1190d7952d44920e9b84

Sharing

Copy URL

Twitter E-mail

General

Target

2297a382691691be6f8498a8c6f35a70048505c6aded1190d7952d44920e9b84
Size

76KB
MD5

a0d5c29eba20d0ae8162cba84cd5e3b0
SHA1

565e6d8ea52b1714f7b4ad9af42ae451c86b1d15
SHA256

2297a382691691be6f8498a8c6f35a70048505c6aded1190d7952d44920e9b84
SHA512

a02f3ea7308452cf5228cd02692933902a3672ace486c5c2f85fa17b7e7b4cf296b6fb5da96c9a12663008e60125a0d4417104153e17e2a89564d179a74a8f67
SSDEEP

1536:a9o4rXkyqm3bH501rLVbXIwGRDnvalt1R:feX3DKBI1ilt1

Score

N/A

Malware Config

Signatures

Files

2297a382691691be6f8498a8c6f35a70048505c6aded1190d7952d44920e9b84
.dll windows x86

1538cf9bd028f1e31eb3284ae33e1ffd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlUpcaseUnicodeToOemN
DbgBreakPointWithStatus
ExVerifySuite
ExDeletePagedLookasideList
KeSaveFloatingPointState
RtlInitAnsiString
ExSystemTimeToLocalTime
KeDelayExecutionThread
IoInvalidateDeviceRelations
KeRemoveDeviceQueue
PsLookupThreadByThreadId
KeInitializeEvent
ExLocalTimeToSystemTime
RtlFindLeastSignificantBit
RtlSubAuthoritySid
ZwEnumerateValueKey

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i_txt
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e_txt
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele3
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tele2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele4
Size: 1024B - Virtual size: 550B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1538cf9bd028f1e31eb3284ae33e1ffd

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 15KB - Virtual size: 15KB

.i_txt Size: 512B - Virtual size: 68B

.e_txt Size: 512B - Virtual size: 512B

.tele3 Size: 512B - Virtual size: 28B

.tele1 Size: 512B - Virtual size: 44B

.tele2 Size: 512B - Virtual size: 44B

.tele4 Size: 1024B - Virtual size: 550B

.data Size: 21KB - Virtual size: 68KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 588B

.text
Size: 15KB - Virtual size: 15KB

.i_txt
Size: 512B - Virtual size: 68B

.e_txt
Size: 512B - Virtual size: 512B

.tele3
Size: 512B - Virtual size: 28B

.tele1
Size: 512B - Virtual size: 44B

.tele2
Size: 512B - Virtual size: 44B

.tele4
Size: 1024B - Virtual size: 550B

.data
Size: 21KB - Virtual size: 68KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 588B