d1ec74f70779e53835fc409925b21c751eedc0d5a2f81ab485bb90e2d6e4cbb4

General

Target

d1ec74f70779e53835fc409925b21c751eedc0d5a2f81ab485bb90e2d6e4cbb4
Size

64KB
MD5

7ba3dd42d16c5253434d20947e4e4370
SHA1

48b0833d24ab82d8557d0cc30034660260d05d69
SHA256

d1ec74f70779e53835fc409925b21c751eedc0d5a2f81ab485bb90e2d6e4cbb4
SHA512

19a893c53471cbd4801834c1cb998bb1b0539507d936babaffdfaa4e2c66087b9c95b8eca4a0bd3a280cb05d04d47f72e7e0b099e2a2d814074a55b86e933b85
SSDEEP

768:ZrgZyRu44GTJF0+MsNdfrc5vJMW8RrrDHpKwTOumrcvkET0qpMMpegX/TuFfippT:dgZOu4vZMsv2a1rLpbmRm0ITXLOfi/

Score

N/A

Malware Config

Signatures

Files

d1ec74f70779e53835fc409925b21c751eedc0d5a2f81ab485bb90e2d6e4cbb4
.dll windows x86

f262638e7fdeb09eb680dc4f23a4a9ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExSystemTimeToLocalTime
ExInitializeResourceLite
IoIsSystemThread
ExAllocatePoolWithQuotaTag
MmLockPagableDataSection
ExVerifySuite
RtlFindLeastSignificantBit
RtlInitString
RtlInitAnsiString
IoReleaseCancelSpinLock
ExGetSharedWaiterCount
IoDeleteSymbolicLink
ExLocalTimeToSystemTime
RtlFreeAnsiString
KeCancelTimer

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i_txt
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e_txt
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele3
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tele2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele4
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f262638e7fdeb09eb680dc4f23a4a9ca

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 12KB - Virtual size: 11KB

.i_txt Size: 512B - Virtual size: 64B

.e_txt Size: 512B - Virtual size: 512B

.tele3 Size: 512B - Virtual size: 28B

.tele1 Size: 512B - Virtual size: 44B

.tele2 Size: 512B - Virtual size: 44B

.tele4 Size: 512B - Virtual size: 288B

.data Size: 17KB - Virtual size: 64KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 636B

.text
Size: 12KB - Virtual size: 11KB

.i_txt
Size: 512B - Virtual size: 64B

.e_txt
Size: 512B - Virtual size: 512B

.tele3
Size: 512B - Virtual size: 28B

.tele1
Size: 512B - Virtual size: 44B

.tele2
Size: 512B - Virtual size: 44B

.tele4
Size: 512B - Virtual size: 288B

.data
Size: 17KB - Virtual size: 64KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 636B