95354fbdface24843fb889741e04925541ad28e7ee42b893787388c57fb0c26c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95354fbdface24843fb889741e04925541ad28e7ee42b893787388c57fb0c26c
Size

378KB
MD5

74c7a94e51f3bda26beb34d12a992aa7
SHA1

e58c2b306f56558fe43fbeb3a6394b4091d683f2
SHA256

95354fbdface24843fb889741e04925541ad28e7ee42b893787388c57fb0c26c
SHA512

16f4deb4c63edbef598b0ec2af927e3ec1f4fdbf9f0df5e62bb0d9bb0df10c1cae48035acb5355a4c301fa4697f77e4c937000982fa6575e566b90a31f5e65b8
SSDEEP

6144:ACbqWxHms++k9kNIzk16ffkurOpbDIgFhXYWXMHJyUooBMpacpVnYrZVxWn60u3V:v5FQ2KJPcniWgdQsyDS

Score

N/A

Malware Config

Signatures

Files

95354fbdface24843fb889741e04925541ad28e7ee42b893787388c57fb0c26c
.dll windows x86

18946d45d2e7773e4108898b897ccfa8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlFindMostSignificantBit
RtlInitAnsiString
RtlAnsiStringToUnicodeString
KeGetCurrentThread
RtlUpcaseUnicodeChar

Exports

Exports

?DecodeArgumentA@@YG_KPAX@Z
?DecodeArgumentExW@@YG_KPAX@Z
?DecodeArgumentW@@YG_KPAX@Z

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 35KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE