923e12d8dad75ede6ee220365ef4a37f783a04b73da8293f6aa73847b82291dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

923e12d8dad75ede6ee220365ef4a37f783a04b73da8293f6aa73847b82291dd
Size

135KB
MD5

d986cdea0a1d4725ac676d35c25c5300
SHA1

446d717b5e8e156a132fe912b506b30a0857014c
SHA256

923e12d8dad75ede6ee220365ef4a37f783a04b73da8293f6aa73847b82291dd
SHA512

0b7b198412774f0baaf41fa30bda77a76533e9b75f104de0ff6cc034109ffdc7413a7046370a15c7265c9b099f5e4322633a1f50f268c3967e094760a0e21a1e
SSDEEP

3072:hI7nWQF8CFTbndCd2fRveMeOhpcFJva//IT3TCJtz5HsSe:BQF8CZbnd+uvWUGFlGjH5Hs

Score

N/A

Malware Config

Signatures

Files

923e12d8dad75ede6ee220365ef4a37f783a04b73da8293f6aa73847b82291dd
.dll windows x86

d1d3d76ad3326c71537339f7a779a697

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

VfIsVerificationEnabled
IoGetDeviceToVerify
IoGetCurrentProcess
PoShutdownBugCheck
MmMapLockedPagesSpecifyCache
_except_handler3
ExFreePoolWithTag
strstr
IoUnregisterPlugPlayNotification
strncmp
ExAllocatePoolWithTag
KeBugCheckEx
SeQueryAuthenticationIdToken
KeQueryTimeIncrement
ZwQuerySystemInformation
KeI386Call16BitFunction
ObfReferenceObject
DbgPrint
wcsncpy
RtlAnsiCharToUnicodeChar
strncpy
RtlTestBit
ExLocalTimeToSystemTime
ObReferenceObjectByHandle
KeTickCount

Sections

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 640B - Virtual size: 624B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 800B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE