6a7220dacf0fd9c62f31b863b8411010b799b88b9644b122751e31b6bf18684b

General

Target

6a7220dacf0fd9c62f31b863b8411010b799b88b9644b122751e31b6bf18684b
Size

159KB
MD5

f474d0558ef81dab532a2ef60b7ac2b0
SHA1

14e7ba7d7b3c045d00a33ffffcbe9b3fd3717d04
SHA256

6a7220dacf0fd9c62f31b863b8411010b799b88b9644b122751e31b6bf18684b
SHA512

fcfc1509f9f18f921e8d6ce436d389ad5a5e76c90f60e678ecfbf4991f79957a6fbb803024b801bdc50cc7d5836d81c7bf0fa6d4f7719699686e8bc0be58128d
SSDEEP

3072:G478wzvsCE6WFY69NrdlQzXVPkD6c2FfL26HQnZ3gXk23s5Pa+jB3fwLEx:xtTMswL2FfL3yJaU3

Score

N/A

Malware Config

Signatures

Files

6a7220dacf0fd9c62f31b863b8411010b799b88b9644b122751e31b6bf18684b
.dll windows x86

692be88c16c9ecd4aa97b98cf3d61b3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlHashUnicodeString
MmQuerySystemSize
IoWriteErrorLogEntry
MmGetSystemRoutineAddress
RtlTimeFieldsToTime
ExLocalTimeToSystemTime
IoReleaseCancelSpinLock
IoSetDeviceInterfaceState
RtlEqualUnicodeString
IoCreateStreamFileObjectLite
RtlSetBits
RtlInitUnicodeString
IoStartTimer
FsRtlIsFatDbcsLegal
ExSystemTimeToLocalTime
ExDeletePagedLookasideList
RtlxUnicodeStringToOemSize
MmFreeContiguousMemory
CcIsThereDirtyData
FsRtlSplitLargeMcb
RtlFindLeastSignificantBit
KeReadStateEvent
IoDeleteDevice

Exports

Exports

?InsertPointA@@IJEPAH@X
?FormatSizeEx@@IJGGPAN@X

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.string
Size: 512B - Virtual size: 310B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

692be88c16c9ecd4aa97b98cf3d61b3f

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.itext Size: 512B - Virtual size: 96B

.idata Size: 1024B - Virtual size: 704B

.init Size: 512B - Virtual size: 140B

.string Size: 512B - Virtual size: 310B

.data Size: 11KB - Virtual size: 51KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 1024B - Virtual size: 596B

.text
Size: 10KB - Virtual size: 10KB

.itext
Size: 512B - Virtual size: 96B

.idata
Size: 1024B - Virtual size: 704B

.init
Size: 512B - Virtual size: 140B

.string
Size: 512B - Virtual size: 310B

.data
Size: 11KB - Virtual size: 51KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 1024B - Virtual size: 596B