7d5a170358a69bb7419116e031de9a6af790b23e306a5c3d28483020dd242acd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d5a170358a69bb7419116e031de9a6af790b23e306a5c3d28483020dd242acd
Size

4KB
MD5

099533c55f82b2fa72b801005d23dbf4
SHA1

3c705d65d469b994fb9132808488a79e4b21b570
SHA256

7d5a170358a69bb7419116e031de9a6af790b23e306a5c3d28483020dd242acd
SHA512

b3a5c9eff2b5ba20f95f9ad3890a4dec874205ff7fa36c94cb433cd48536da4a08ee5204f967035c5e114c2cb63f6e2dc4ffe2d90d8cd18da92868f3986616a4
SSDEEP

48:I1iBHtibzA2jtosOM6922XZqCbmXGY8t7MatYy7RoYwqcfqPq9bU5AyQ:JwnB0yXamOPcyi9Y5AyQ

Score

N/A

Malware Config

Signatures

Files

7d5a170358a69bb7419116e031de9a6af790b23e306a5c3d28483020dd242acd
.exe windows x86

9083d860012824450b2c94f76807bb33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlAppendUnicodeToString
RtlInitUnicodeString
ExFreePoolWithTag
wcslen
memmove
ExAllocatePoolWithTag
RtlCompareUnicodeString
_except_handler3
KeTickCount
KeBugCheckEx

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 768B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 366B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ