651dc0b0cc06ca663fbe46bd0d8b2652ea8fa48b4522fbec6801ff24f6de618f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

651dc0b0cc06ca663fbe46bd0d8b2652ea8fa48b4522fbec6801ff24f6de618f
Size

379KB
MD5

7603f1a27e91e05e2dee522de940f620
SHA1

b9c551e9b64ed0e4d0bb3f07100d31d61aba2dd6
SHA256

651dc0b0cc06ca663fbe46bd0d8b2652ea8fa48b4522fbec6801ff24f6de618f
SHA512

5beeff2a7ce1029c921b35808ea0d394f3017934f8bbbb80e563e10c57b14c5b7bb30ef3fc84fa2c2a9719c1afa806e1fa482e3db0bc1c775e325e707c1e54f9
SSDEEP

6144:QSXRSxAncx1PMZvOiwlpBCx2LYW2Tz0tfT+zSyrBwsQXF4MbshSylNcyPuBRMfK7:nRSxIwBM4tQTzXA1KlwD3MjfP/y

Score

N/A

Malware Config

Signatures

Files

651dc0b0cc06ca663fbe46bd0d8b2652ea8fa48b4522fbec6801ff24f6de618f
.dll windows x86

8365af22174c560ceffc990dce3ddcf6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

PsTerminateSystemThread
READ_REGISTER_ULONG
RtlTimeToTimeFields
FsRtlDissectName
ExInitializeResourceLite
SePrivilegeCheck
KeInitializeDpc
IoDetachDevice
RtlEqualUnicodeString
ExReleaseResourceLite
ObReferenceObjectByHandle
KdDisableDebugger
RtlFindLongestRunClear
RtlUpcaseUnicodeString
KeLeaveCriticalRegion
FsRtlProcessFileLock
CcMdlWriteAbort
IoRemoveShareAccess
ZwUnloadDriver
ExAllocatePoolWithQuota
IoCheckShareAccess
RtlLengthSecurityDescriptor
ExSetResourceOwnerPointer
IoAllocateIrp
SeUnlockSubjectContext
ZwDeviceIoControlFile
ExDeleteResourceLite
CcPinMappedData
IoReportDetectedDevice
IoQueryFileDosDeviceName

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE