824ecdce2a3522ca1389709baf0e3cd2a6b60003eb41d8097d827c5398cd3a1f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

824ecdce2a3522ca1389709baf0e3cd2a6b60003eb41d8097d827c5398cd3a1f
Size

5KB
MD5

b407ad8c62b0fd7bae2d445da1479021
SHA1

a74dd0a9e6dd082284960266fc540c16333f1397
SHA256

824ecdce2a3522ca1389709baf0e3cd2a6b60003eb41d8097d827c5398cd3a1f
SHA512

95cb51145822317296ecae270da6ac6bbee74a612a4c8051e96eb66c1910d4c377937965696ca888999c29bff5328cf9961887bbee60daceb0fd5968dbdd362a
SSDEEP

96:KBRKH+EIT03+rtUwCADSAYQ8tTvf5+EYTyqNH7:s8+Eyw+xaADS7Nf5+EoB

Score

N/A

Malware Config

Signatures

Files

824ecdce2a3522ca1389709baf0e3cd2a6b60003eb41d8097d827c5398cd3a1f
.dll windows x86

3ba5df412486bfa094456e1c7102f7b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetCurrentProcessId
InterlockedIncrement
GetModuleHandleA
FreeLibraryAndExitThread
VirtualFree
CloseHandle
Sleep
InterlockedDecrement
CreateThread
OpenProcess
GetVersion
GetProcAddress
VirtualProtect
FlushInstructionCache
RtlUnwind

Exports

Exports

ApiHookChain
CrThread
KiThread

Sections

ClientAW
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ