c9fbd47d5073e08236da77e2e0f71fa8b8a5454063d596e0647f32490abeb14c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9fbd47d5073e08236da77e2e0f71fa8b8a5454063d596e0647f32490abeb14c
Size

6KB
MD5

86e042e92291404bb80ed0481c3a66bf
SHA1

ea52ca1e6522abb744c34c7c5f5448b1849cc612
SHA256

c9fbd47d5073e08236da77e2e0f71fa8b8a5454063d596e0647f32490abeb14c
SHA512

b58ab337a97cddc4b8239b1e0cd8e5ee0fdb9101f76f7d5434a811832a65adf89556283fd78d3097ca60c1c3a0a72b9b0a488a61a1039283d95278bbe50b200e
SSDEEP

48:alSxTzJR7QnO8ycohRLpQxJkBPAXCUSo65Hr6wy2nYyk84lCnIQHlHFfXVTILcHo:z7Qbb69QYBmwy2nBaAFH3xILcH+XE

Score

N/A

Malware Config

Signatures

Files

c9fbd47d5073e08236da77e2e0f71fa8b8a5454063d596e0647f32490abeb14c
.dll windows x86

5db6f621b06e9457d0416c512fe0d4b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

memcpy
ExFreePoolWithTag
memset
ExAllocatePool
KeInitializeEvent
KeEnterCriticalRegion
ExAcquireFastMutexUnsafe
ExReleaseFastMutexUnsafe
KeLeaveCriticalRegion
RtlCompareUnicodeString
RtlInsertElementGenericTableAvl
RtlDeleteElementGenericTableAvl
RtlLookupElementGenericTableAvl
RtlInitializeGenericTableAvl
swprintf
CcInitializeCacheMap
MmMapLockedPagesSpecifyCache
ExGetPreviousMode
ProbeForWrite
ProbeForRead
CcPurgeCacheSection
CcUninitializeCacheMap
IofCompleteRequest
IoDeleteDevice
IoCreateDevice
_except_handler3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ