101dfccef127f56a80622a303920e9b09797e597a6ca80868231e05142190470 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

101dfccef127f56a80622a303920e9b09797e597a6ca80868231e05142190470
Size

57KB
MD5

93f549193f418ca6694332ddf48aa7db
SHA1

1c2645a70259a4fd91dc107b577d3a73cd36ce8f
SHA256

101dfccef127f56a80622a303920e9b09797e597a6ca80868231e05142190470
SHA512

997f7ac050e6fdfead0e789f6683f703cb8e07bc4c71d679a9dd06c078abc642e2bbf89c92d6da470a3cbf26edc7f96b9c1145954fccece56df0c7eb273cc23d
SSDEEP

192:brcYKxLfHCA5bvxmHvdJ2kb2ZO1A1kntkWchzOZI87oooDaBf20xvyQDudDRT:E5LPCAlvxEukbLAKiWchz8T/bxbEFT

Score

N/A

Malware Config

Signatures

Files

101dfccef127f56a80622a303920e9b09797e597a6ca80868231e05142190470
.exe windows x86

bc9204124fa32fc476b29c6ac64f9b9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ObfDereferenceObject
ExAllocatePoolWithTag
IoGetDeviceObjectPointer
RtlInitUnicodeString
ExFreePoolWithTag

Sections

.text
Size: 640B - Virtual size: 590B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 256B - Virtual size: 198B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ