7cde43d4689f2c4ba7a1c37d5126fcb818e6978e7ea4cd2b7f26202d1c6a87ac

General

Target

7cde43d4689f2c4ba7a1c37d5126fcb818e6978e7ea4cd2b7f26202d1c6a87ac
Size

72KB
MD5

8fde9a9e90f2a3c995789e576f595440
SHA1

94bb4eeb87a024a67aa67e132b908a2ad00ba7e4
SHA256

7cde43d4689f2c4ba7a1c37d5126fcb818e6978e7ea4cd2b7f26202d1c6a87ac
SHA512

96e1d4b78c79bbf51689f34f7de30a5c27e8b6bbc4d1f9c71416832d61a15e28e9da1b7e735609daa8135b6ee7d9ab48bc633ba72bc40ed6ce1473b83d8e8e8f
SSDEEP

1536:jko1MZ1jqgUck4neYFDVuiTCklGK5w8xJXO3O:jLMPUcZ5aKq8x0e

Score

N/A

Malware Config

Signatures

Files

7cde43d4689f2c4ba7a1c37d5126fcb818e6978e7ea4cd2b7f26202d1c6a87ac
.dll windows x86

3d019df3efa33cb45be53236588e9094

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteSymbolicLink
MmForceSectionClosed
RtlFreeUnicodeString
KeEnterCriticalRegion
KeLeaveCriticalRegion
RtlDeleteElementGenericTable
ZwSetSecurityObject
KdDisableDebugger
IoGetDeviceToVerify
IoCheckEaBufferValidity
CcFastCopyRead
HalExamineMBR
RtlFindClearBitsAndSet
ProbeForRead
IoDeviceObjectType
KeGetCurrentThread
ObInsertObject
IoSetShareAccess
RtlCreateSecurityDescriptor
MmIsThisAnNtAsSystem
RtlFindClearBits
KeInitializeTimer
IoQueueWorkItem
ZwDeleteKey
RtlQueryRegistryValues
IoGetTopLevelIrp
IoInvalidateDeviceRelations
FsRtlCheckLockForReadAccess
ExUnregisterCallback
IoReleaseCancelSpinLock
IoGetBootDiskInformation
KeRestoreFloatingPointState
SeTokenIsRestricted
IoSetTopLevelIrp
ObGetObjectSecurity
PoUnregisterSystemState
IoGetDeviceAttachmentBaseRef
KeQueryInterruptTime
KeTickCount
PsDereferencePrimaryToken
IoGetDiskDeviceObject
MmFreeNonCachedMemory
IoCheckShareAccess
MmFreeMappingAddress
MmHighestUserAddress
IoVerifyVolume
ZwQuerySymbolicLinkObject
RtlAnsiStringToUnicodeString
CcPinMappedData
ExSystemTimeToLocalTime
DbgBreakPointWithStatus
KeReadStateMutex
KeInitializeEvent
ExGetExclusiveWaiterCount

Exports

Exports

?RtlDirectoryExW@@YGPADHPAG<V
?DeleteVersionExW@@YGGD<V
?FindSectionA@@YGFFPA_NGM<V
?ModifyPathExW@@YGKK<V
?SetFilePathW@@YGIPAJJIPAJ<V
?IsNotFileEx@@YGMPAMDF<V

Sections

.text
Size: 45KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d019df3efa33cb45be53236588e9094

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 63KB

.data Size: 4KB - Virtual size: 3KB

.text
Size: 45KB - Virtual size: 63KB

.data
Size: 4KB - Virtual size: 3KB