78c148c787dc63fd0dc4be00e66a3a74dfc6c7dbe7e7c5c65537b97de94bba68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

78c148c787dc63fd0dc4be00e66a3a74dfc6c7dbe7e7c5c65537b97de94bba68
Size

15KB
MD5

36e4cd1de16fb7a058d21fefd275aefb
SHA1

7361177da59340752d718c68a9436c2b08765506
SHA256

78c148c787dc63fd0dc4be00e66a3a74dfc6c7dbe7e7c5c65537b97de94bba68
SHA512

f14c603b44cc9d602e66edadcaad01b8cff61b45e1ca3b1d9c2285aef180cdac1974ab65987688b34ce3ba9a7f5b131761704a8988cfd90987f3452898e755e0
SSDEEP

192:DeSSSSSSSSSTdXgq/nH7sC5kQO0+11nNIfxhHzx+Eun0Dm8l6sgC4lgiZPw7KE:pXgqPbl5hxhgvnSmMrgyxKE

Score

N/A

Malware Config

Signatures

Files

78c148c787dc63fd0dc4be00e66a3a74dfc6c7dbe7e7c5c65537b97de94bba68
.exe windows x86

325302e9e6a3393750d6e87a24af833e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
IoCreateDevice
IoCreateSymbolicLink
IofCompleteRequest
KeServiceDescriptorTable
ZwQueryDirectoryFile
ZwAllocateVirtualMemory
RtlCompareUnicodeString

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 288B - Virtual size: 282B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 592B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ