bc225142ec37d1be275af582e646758f9e17a13aa0fa2b6bffe2e752d2d7dfbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc225142ec37d1be275af582e646758f9e17a13aa0fa2b6bffe2e752d2d7dfbf
Size

13KB
MD5

abe411b922ca5d09523dfd2f806e63a7
SHA1

b8eace676328c483f661c59434f954bb9b304089
SHA256

bc225142ec37d1be275af582e646758f9e17a13aa0fa2b6bffe2e752d2d7dfbf
SHA512

60fbbe0b5f3f81912702d355c862e2c8c8e0760bc8a48319476d4268a7465a58512ccc80c11fe72e5a48a808bd7d7f27a0ec1da718dfda6597e97af3606346eb
SSDEEP

192:eO3PWdzzJgn5v/EM0FzOHk6o7WlCudlxCLK6pxlBvpTmOWHhXCr63E7hZP3R2D:eO3RnF/MFomuCu9x05Q863MhB8

Score

N/A

Malware Config

Signatures

Files

bc225142ec37d1be275af582e646758f9e17a13aa0fa2b6bffe2e752d2d7dfbf
.exe windows x86

320c32f9cdfcaf5ba5285eadfa0a0f4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePool
ExAllocatePoolWithTag
ExFreePool
KdDisableDebugger
KdEnableDebugger
KeBugCheckEx
KeWaitForMultipleObjects
KeWaitForSingleObject
MmGetSystemRoutineAddress
MmMapIoSpace
MmUnmapIoSpace
memmove
KeServiceDescriptorTable
DbgPrint

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 224B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 416B - Virtual size: 390B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 864B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ