98d5016e77fbabea89c23afc7a918600d4fe2242e6fb733ac3f721d01687d863

General

Target

98d5016e77fbabea89c23afc7a918600d4fe2242e6fb733ac3f721d01687d863
Size

76KB
MD5

49873d15a8a45fb36510b90dd0b7d140
SHA1

a86504085875a782bc55f88e8d3f339ce89ea6c5
SHA256

98d5016e77fbabea89c23afc7a918600d4fe2242e6fb733ac3f721d01687d863
SHA512

5a59c01c50821395fddf5aa35927c7dc5e1e395bdfe38e1b1f5bf133f327247746c2e579dc1d87dc907f4715862d9752bd214af83f0738aced0293b96e655026
SSDEEP

1536:Z9KjNz7Tr28tVevq3LAyyiDQuJynngSu8x3PKfsM+t1nx:ZcNrZtOyLZfDQfnP0z+t1

Score

N/A

Malware Config

Signatures

Files

98d5016e77fbabea89c23afc7a918600d4fe2242e6fb733ac3f721d01687d863
.dll windows x86

6ab6d10600738d78b24bd66c0039f9a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

CcUnpinData
CcInitializeCacheMap
ObfReferenceObject
IoGetTopLevelIrp
IoQueryFileInformation
RtlCreateSecurityDescriptor
IoReleaseRemoveLockAndWaitEx
ProbeForRead
RtlEqualSid
PoCallDriver
IoWritePartitionTableEx
RtlUpperString
RtlUnicodeStringToInteger
RtlOemToUnicodeN
CcPinRead
ExCreateCallback
MmProbeAndLockProcessPages
KeInitializeEvent
ExAllocatePoolWithQuotaTag
RtlMultiByteToUnicodeN
RtlNtStatusToDosError
IoCheckShareAccess
KePulseEvent
CcCopyWrite
KeTickCount
KeEnterCriticalRegion
CcFastCopyWrite
RtlUnicodeToOemN
KeLeaveCriticalRegion
FsRtlSplitLargeMcb
FsRtlIsTotalDeviceFailure
ZwDeleteKey
MmIsThisAnNtAsSystem
SeCaptureSubjectContext
RtlWriteRegistryValue
KeInitializeTimer
RtlGetNextRange
RtlTimeToTimeFields
PsGetCurrentThreadId
RtlUpcaseUnicodeString
IoGetDeviceObjectPointer
KeSetPriorityThread
IoStartTimer
KeGetCurrentThread
IoBuildSynchronousFsdRequest
SeDeassignSecurity
IoGetRequestorProcess
KeReadStateSemaphore
KeQuerySystemTime

Exports

Exports

?RtlComponentOriginal@@YGPAXGPAEPAG<V
?IsHeaderExA@@YGPAJ_NKFPAK<V
?IncrementAppNameOriginal@@YGPAXH<V
?IncrementThreadOld@@YG_NPAFNE<V
?DecrementProcess@@YGFEJ<V
?Event@@YGKPAGPAM<V

Sections

.text
Size: 65KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ab6d10600738d78b24bd66c0039f9a4

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 97KB

.text
Size: 65KB - Virtual size: 97KB