8c9a5c7f0b2a282eedecfec00e1272a65d37e9763df8187d52e04c74bcefbdd9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c9a5c7f0b2a282eedecfec00e1272a65d37e9763df8187d52e04c74bcefbdd9
Size

41KB
MD5

fc4158c0885f7cb846860adf1a1910b5
SHA1

989eb950948e53ace6219f1051661f3eb94984cc
SHA256

8c9a5c7f0b2a282eedecfec00e1272a65d37e9763df8187d52e04c74bcefbdd9
SHA512

ab0ce87b5c99dd401ee67946712930b79dc655b76feb413980a3fb76e4e944bee8c5dcd6b1ebd74cb4fe535683d253ec3165078acb5134fd3e17800c2436288f
SSDEEP

768:Po++Vu0Vwcmoxp0jqOwZpT3mBsfgycI24nyLN9TDSmd7v3dre:PoNuMG/jqhWBsIycJMm5Sqv3dre

Score

N/A

Malware Config

Signatures

Files

8c9a5c7f0b2a282eedecfec00e1272a65d37e9763df8187d52e04c74bcefbdd9
.exe windows x86

54818b24d8b99531ac38d165cdbca104

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
MmIsNonPagedSystemAddressValid
RtlInitAnsiString
RtlWalkFrameChain
MmGetSystemRoutineAddress
RtlAnsiStringToUnicodeString

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 240B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ