d0ed5a0d1920ec9a33acd1358ff52daf0d64ef32a550af58d401e15cf721aa05 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0ed5a0d1920ec9a33acd1358ff52daf0d64ef32a550af58d401e15cf721aa05
Size

13KB
MD5

cfbd7e3f5997ce0321c604f3a4a90eb9
SHA1

055fa961f0ddd9d9e82f78fd4a3df4b3a030cc83
SHA256

d0ed5a0d1920ec9a33acd1358ff52daf0d64ef32a550af58d401e15cf721aa05
SHA512

e26730ad56e67a4a3c5a295aab41233931a4ef06119abe476c4e6eda0818f8d7bb8c547940dffb5adfbd9524520f3a7e2a150db4fef0f0cffc12f238441c75ea
SSDEEP

384:r88+nQf8OgzYrUe19Gv7+05gNDe7vSH8/tK:A8+q8DzPfON0vS2w

Score

N/A

Malware Config

Signatures

Files

d0ed5a0d1920ec9a33acd1358ff52daf0d64ef32a550af58d401e15cf721aa05
.exe windows x86

ea6dafdfecde0223e6b812296cd2492f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

DbgBreakPoint
ExAllocatePool
ExAllocatePoolWithTag
ExFreePool
KdDisableDebugger
KdEnableDebugger
KeBugCheckEx
KeWaitForMultipleObjects
KeWaitForSingleObject
MmGetSystemRoutineAddress
MmMapIoSpace
MmUnmapIoSpace
memmove
KeServiceDescriptorTable
DbgPrint

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 224B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 416B - Virtual size: 410B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 864B - Virtual size: 862B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ