82cd4a238a8dad989bd5628e3658b883b3796039f2f1fda19d27f2c76e912fd9

General

Target

82cd4a238a8dad989bd5628e3658b883b3796039f2f1fda19d27f2c76e912fd9
Size

135KB
MD5

e9f7d558d539d01bfd75181926551420
SHA1

99969a0e452f6c1f599a040e3b455ff5ffe09115
SHA256

82cd4a238a8dad989bd5628e3658b883b3796039f2f1fda19d27f2c76e912fd9
SHA512

f61aeb3f12fbf493b09356d6edf07510743b0324c6bff458e8af2af5a266cb2da7918c344031459b124115fc2544bda21567866e5f8abea6491208c2a2380880
SSDEEP

3072:QUtD3yN8wzDsCuWU7ZEAi0Gv7YHZE76VuLFUSfSEp:9utnuWU7Zpi5YHaVLa7

Score

N/A

Malware Config

Signatures

Files

82cd4a238a8dad989bd5628e3658b883b3796039f2f1fda19d27f2c76e912fd9
.dll windows x86

f296f748ed9b7c1c88866e045d8d5882

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExLocalTimeToSystemTime
KdEnableDebugger
IoStartPacket
RtlEqualUnicodeString
ExSystemTimeToLocalTime
RtlFillMemoryUlong
IoReportResourceForDetection
RtlUnicodeStringToInteger
ZwOpenProcess
IoGetRequestorProcessId
CcUnpinDataForThread
RtlUnicodeToMultiByteN
RtlTimeFieldsToTime
RtlFindLeastSignificantBit
RtlxUnicodeStringToOemSize
MmLockPagableDataSection
ZwReadFile
RtlInitializeGenericTable
KeResetEvent
IoAcquireCancelSpinLock
RtlGUIDFromString
KeInitializeTimer
IoAttachDeviceToDeviceStack
RtlInitUnicodeString
ObCreateObject

Exports

Exports

?SendWindowInfoExA@@IJ_NHG@X

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 750B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.string
Size: 1024B - Virtual size: 738B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f296f748ed9b7c1c88866e045d8d5882

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.itext Size: 512B - Virtual size: 104B

.idata Size: 1024B - Virtual size: 750B

.init Size: 512B - Virtual size: 140B

.string Size: 1024B - Virtual size: 738B

.data Size: 11KB - Virtual size: 51KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 1024B - Virtual size: 584B

.text
Size: 10KB - Virtual size: 10KB

.itext
Size: 512B - Virtual size: 104B

.idata
Size: 1024B - Virtual size: 750B

.init
Size: 512B - Virtual size: 140B

.string
Size: 1024B - Virtual size: 738B

.data
Size: 11KB - Virtual size: 51KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 1024B - Virtual size: 584B