fa95ba02c47796f070406e681c74486ffd3717da8d65e53c23c6c89c509be271 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa95ba02c47796f070406e681c74486ffd3717da8d65e53c23c6c89c509be271
Size

2KB
MD5

2605a2f29c3ec188b9e6b50baf99be54
SHA1

3d30a8c40a75f3c7665f99cd7557ede11ec4f77b
SHA256

fa95ba02c47796f070406e681c74486ffd3717da8d65e53c23c6c89c509be271
SHA512

b4da733be1f882d212ab64057621a9abc61be947539074c5e855d2cee461e0b72e03e7f83613de77ac4fd4d36ce25d3c8e7f8aeb8895d8d13266e12acc7a221c

Score

N/A

Malware Config

Signatures

Files

fa95ba02c47796f070406e681c74486ffd3717da8d65e53c23c6c89c509be271
.exe windows x86

ca9a8086c01d7549b7c006547678d2c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
_except_handler3

Sections

.text
Size: 768B - Virtual size: 724B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 308B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ