ea7249c598d7404ac8327396ba790f8d476b7b233c510526924a53d6a72bee74 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea7249c598d7404ac8327396ba790f8d476b7b233c510526924a53d6a72bee74
Size

378KB
MD5

b6b1f68ec7cf297ef3805d8b978b7580
SHA1

f04f5eba9b1e86338d11950cdc3e2379414ed595
SHA256

ea7249c598d7404ac8327396ba790f8d476b7b233c510526924a53d6a72bee74
SHA512

94bd33301bbb802dd54cea1d7c3c1274b3eff541aec9426279d3763f6c1b3368398c1ba12125a0f0ac502e8870e017ac148f8238ae7724df005591a8bd1afdc1
SSDEEP

6144:D6B+L/PiJfEurOpbDIgFhXYWXMHJyUooBMpacpVnYrZVxWn60u3vzNLGfWrsEGQx:DksyF2KJPcniWgdQsyDS

Score

N/A

Malware Config

Signatures

Files

ea7249c598d7404ac8327396ba790f8d476b7b233c510526924a53d6a72bee74
.dll windows x86

605d7f14af92943fdd23849ea4c1993a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

FsRtlNotifyCleanup
CcUninitializeCacheMap
KeSetTimerEx
IoConnectInterrupt
IoRaiseHardError
RtlWriteRegistryValue
RtlCompareMemory
CcMdlWriteComplete
IoReleaseCancelSpinLock
IoAcquireCancelSpinLock
MmFreeMappingAddress
IoVolumeDeviceToDosName
ExAllocatePoolWithQuotaTag
swprintf
ExReleaseFastMutexUnsafe
IoRegisterDeviceInterface
IoCreateFile
IoRequestDeviceEject
RtlTimeFieldsToTime
RtlLengthSecurityDescriptor
KeSetTimer
RtlCopyUnicodeString

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tirg
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_MEM_READ