fdecfba6ec2e6f819ad1d5debcca2ffb0bf86550d4e93ac7e0d8bdaf092f8ebf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdecfba6ec2e6f819ad1d5debcca2ffb0bf86550d4e93ac7e0d8bdaf092f8ebf
Size

32KB
MD5

f7dbf1c90781cd51229c5941da20ebf0
SHA1

c667cc7710086e7eb33f50a92bc6cbeb4beef694
SHA256

fdecfba6ec2e6f819ad1d5debcca2ffb0bf86550d4e93ac7e0d8bdaf092f8ebf
SHA512

2aa2075624decf209e0099d4cada478311e1db5152a1e0fe4c8523051b35388ec828ca45809f2a858ba01cd2548f7845e3054083f88aefd770351c0e87937a18
SSDEEP

768:1AwN5Cvpi6pEDnsDdcrFwYDNFJ1xFBVaL:1Ao3BVaL

Score

N/A

Malware Config

Signatures

Files

fdecfba6ec2e6f819ad1d5debcca2ffb0bf86550d4e93ac7e0d8bdaf092f8ebf
.dll windows x86

4ab64aebae0dd65a5d0dda9f9befd033

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
ObfDereferenceObject
ExAllocatePoolWithTag
ZwQuerySystemInformation
MmUnlockPages
IoFreeMdl
MmUnmapLockedPages
MmMapLockedPagesSpecifyCache
MmProbeAndLockPages
IoAllocateMdl
_except_handler3

Sections

.text
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ