36fdc8a27edb54b5ec9b47d13963b566a1b1ab0e2599e112004c8bcb50c08e99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36fdc8a27edb54b5ec9b47d13963b566a1b1ab0e2599e112004c8bcb50c08e99
Size

28KB
MD5

f5383d1a1753d2316c24f5175a52c510
SHA1

b645a96fed26af22fc9fe210d07c0d26224a6540
SHA256

36fdc8a27edb54b5ec9b47d13963b566a1b1ab0e2599e112004c8bcb50c08e99
SHA512

1d41cdefbee1f9a0cf916300e43f2721e4190ed8e8c02620fb1dfeb2dbf48eb6b82478d4fee5719f9af467c0f9fb1b86003bebe66cb60b8cd8fbdf05d8dfde6d
SSDEEP

384:3FOcLT4/+aySpnAy8Q8sEiIdDAHsahNNk+J0lvk0DwM:VNLTg72Q8XiId5ahNC+6mFM

Score

N/A

Malware Config

Signatures

Files

36fdc8a27edb54b5ec9b47d13963b566a1b1ab0e2599e112004c8bcb50c08e99
.dll windows x86

604af5cd27fa86801742fdf7dd75fd6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtClose

basesrv

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Exports

Exports

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Sections

.text
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE