c681b946050b3116128e486870cd421d396827a0b73b18aeb0d5354c6d6446ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c681b946050b3116128e486870cd421d396827a0b73b18aeb0d5354c6d6446ca
Size

3KB
MD5

96f7b2c28b923ca49466addefa194c34
SHA1

9dd3f690b376a141d84543ee6c19847bcac2776e
SHA256

c681b946050b3116128e486870cd421d396827a0b73b18aeb0d5354c6d6446ca
SHA512

b95cf43c670136aa8ab2fbfe44108f2ad791d0975fd658df8021f4a4b89bd614ec4ae3aeea625bfc78255ff7be2f847170309ed2033588b6fc4ebc458e2a0e67

Score

N/A

Malware Config

Signatures

Files

c681b946050b3116128e486870cd421d396827a0b73b18aeb0d5354c6d6446ca
.exe windows x86

fba1aa01313a11f40ed16f5ffdfb37a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

DbgPrint
IofCompleteRequest
ProbeForWrite
KeServiceDescriptorTable
ProbeForRead
_except_handler3
IoDeleteDevice
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
KeTickCount

Sections

.text
Size: 640B - Virtual size: 592B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 398B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ