3ef051e049021f3786f58bcab73ede1bfdd91a3ca4d588f1e3944a7752448920 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ef051e049021f3786f58bcab73ede1bfdd91a3ca4d588f1e3944a7752448920
Size

133KB
MD5

1baaf4e9562e1cefe07e5cee97d647c0
SHA1

96ff979f12a9fd0784db011dc67b6b02e9401e83
SHA256

3ef051e049021f3786f58bcab73ede1bfdd91a3ca4d588f1e3944a7752448920
SHA512

93e933066d9c3b3eeed1a5cc50f79474527174c9f203bb1db69871442f3945fae1e36c5e0331c901636191d6cad1e6f25a7feaa072f3ced91ac416834478f359
SSDEEP

3072:8UYzm2rN5lbQQBiT+4hRxSM12Q8Zjl3FBJYrL:MzTPKRb1h8dlVBJGL

Score

N/A

Malware Config

Signatures

Files

3ef051e049021f3786f58bcab73ede1bfdd91a3ca4d588f1e3944a7752448920
.dll windows x86

e2cd9a7a174c4b5afd5fbde938ac9622

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlAnsiCharToUnicodeChar
MmMapLockedPagesSpecifyCache
IoGetCurrentProcess
ZwQuerySystemInformation
strncmp
ExFreePoolWithTag
ExAllocatePoolWithTag
ObReferenceObjectByHandle
KeBugCheckEx
strncpy
_except_handler3
ObfReferenceObject
KeQueryTimeIncrement
DbgPrint
wcsncpy
strstr
KeTickCount

Sections

.data
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 160B - Virtual size: 147B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 544B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 160B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE