7e24d3b04a506b0e85cfc30ef3190a4f19ef9689b2f9354531971cec9349d611 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7e24d3b04a506b0e85cfc30ef3190a4f19ef9689b2f9354531971cec9349d611
Size

2KB
MD5

a6f18533dd2727932c4be545aef0fa79
SHA1

1a5b73857d3cb34f39c6dba1f83eb33d3ba5fbb8
SHA256

7e24d3b04a506b0e85cfc30ef3190a4f19ef9689b2f9354531971cec9349d611
SHA512

418600c2032bfb933fa64b350c88518d27c9bbc7997c379581f0018cfbb0b75796c3b7d8ea77123f072b0cd307655375b6763727a09f5e4465c58279d1917906

Score

N/A

Malware Config

Signatures

Files

7e24d3b04a506b0e85cfc30ef3190a4f19ef9689b2f9354531971cec9349d611
.exe windows x86

d44ede785881c8646327e5a077c4f9ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3

Sections

.text
Size: 768B - Virtual size: 740B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 147B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 308B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ