e29af7946eed36de49220bbe07f59eb4dde8e8219b162399cee794589d7a6c05 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e29af7946eed36de49220bbe07f59eb4dde8e8219b162399cee794589d7a6c05
Size

42KB
MD5

0d13d81a0f113efd4846b87fccb43a38
SHA1

920aabaf3a0a95a7dcd55722a67aa5a13154a075
SHA256

e29af7946eed36de49220bbe07f59eb4dde8e8219b162399cee794589d7a6c05
SHA512

21beda2d1003e70e1038c666d676544049bc4d2fc527a5bb7609eee924c299a1ace050f6bbcc79f9ad16fb9d617139750cc4d14b48afad3927747814f3a4c0c5
SSDEEP

768:rMr3IzhTw46bSCfVYPNQ6MbIrYD/Qg3HNVw3Nb0tpzagJjmVEl3VcoM:r23Izlw4qJdYVQ66ZogXnENyp/g

Score

N/A

Malware Config

Signatures

Files

e29af7946eed36de49220bbe07f59eb4dde8e8219b162399cee794589d7a6c05
.exe windows x86

1d24087d5b30e6adc24813f8c77994ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitAnsiString
MmGetSystemRoutineAddress
RtlWalkFrameChain
MmIsNonPagedSystemAddressValid
RtlAnsiStringToUnicodeString
ExAllocatePoolWithTag

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 240B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 34B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ