c1e266f72157768646c215888b66a6b74793974929c3e5d372ed5b0de7f9e2dd

General

Target

c1e266f72157768646c215888b66a6b74793974929c3e5d372ed5b0de7f9e2dd
Size

183KB
MD5

f046d89386dc9be5ca0c14fc45851872
SHA1

68357050b6ad6eabe746e21999adaa06507b47a6
SHA256

c1e266f72157768646c215888b66a6b74793974929c3e5d372ed5b0de7f9e2dd
SHA512

90d16ce6789f49ee0917d11c489bb6f859386827d58f424784483403c86fedf34ccce9f8400b5e9a256d859bc03997b89133c9c7d0d4eac7547b9e2aef58d961
SSDEEP

3072:FKUvkrkmRqYAScxzTCu6uVW0egfexWlyK4yOTFO+HLJJedbVTQiJTfZl:ws7HSc5v74gACyZTFOELDqTJr

Score

N/A

Malware Config

Signatures

Files

c1e266f72157768646c215888b66a6b74793974929c3e5d372ed5b0de7f9e2dd
.dll windows x86

571dd8aeff3405f93d1f04aaa167377a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

SeCaptureSubjectContext
SeDeleteObjectAuditAlarm
CcDeferWrite
IoBuildPartialMdl
IoFreeIrp
SeTokenIsRestricted
IoCheckShareAccess
IoGetLowerDeviceObject
ZwCreateSection
ZwQuerySymbolicLinkObject
KeEnterCriticalRegion
FsRtlNotifyInitializeSync
IoGetInitialStack
IoWMIRegistrationControl
ZwOpenSymbolicLinkObject
KeReadStateTimer
IoDeviceObjectType
KeGetCurrentThread
RtlGetVersion
MmUnlockPages
IoGetDmaAdapter
RtlUnicodeStringToInteger
SeSetSecurityDescriptorInfo
RtlUpcaseUnicodeString
ExIsProcessorFeaturePresent
RtlIsNameLegalDOS8Dot3
CcGetFileObjectFromBcb
KeInitializeDeviceQueue
ObfReferenceObject
KeDetachProcess
MmCanFileBeTruncated
ObReferenceObjectByPointer
IoThreadToProcess
KeTickCount
IoGetAttachedDevice
IofCallDriver
IoGetDeviceInterfaceAlias
FsRtlDeregisterUncProvider
IoInitializeIrp
DbgBreakPoint
KeLeaveCriticalRegion
RtlCreateSecurityDescriptor
ZwOpenFile
KeInsertByKeyDeviceQueue
IoVerifyVolume
IoDeleteController
CcMdlRead

Exports

Exports

?IsNotPenEx@@YGPAFIGPAJG<V
?DeleteDirectory@@YGXEPAGME<V
?IsNotCommandLineW@@YGPAIGMPAF<V
?PutMessageEx@@YGMPA_N<V
?PutObject@@YGPADFPAMPAJPA_N<V
?EnumConfigExW@

Sections

.text
Size: 65KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

571dd8aeff3405f93d1f04aaa167377a

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 89KB

.text
Size: 65KB - Virtual size: 89KB