c942501d34d754578d6ce75a9325ea71ddaee4fbdec8fad4e58026e5e4ed0b6e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c942501d34d754578d6ce75a9325ea71ddaee4fbdec8fad4e58026e5e4ed0b6e
Size

166KB
MD5

9af9de1df7da66179f1a4181151d6d59
SHA1

0c8e561eec63bd956a9a3badb2faca4ac24da171
SHA256

c942501d34d754578d6ce75a9325ea71ddaee4fbdec8fad4e58026e5e4ed0b6e
SHA512

f4a883864a8bb26ec6493999bb424a961d47984a8308cc21d68cde53b9b4480b9401cf3d285c37aba65f6e552e79bb8f0b9639903121552c94b2766a97bc6cf0
SSDEEP

3072:2tZ9LuMBWF6ZKn9foNo+xgynvD8/fqnyy0RuQJa8ks9O34vJ3yjtDowx7QYfh63N:2tZQcHi9ANo+nvD83qnv9QsluOYyhDoo

Score

N/A

Malware Config

Signatures

Files

c942501d34d754578d6ce75a9325ea71ddaee4fbdec8fad4e58026e5e4ed0b6e
.dll windows x86

604af5cd27fa86801742fdf7dd75fd6c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtClose

basesrv

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Exports

Exports

BaseSetProcessCreateNotify
BaseSrvNewObDirAcls
BaseSrvNlsLogon
BaseSrvNlsUpdateRegistryCache
ServerDllInitialization

Sections

.text
Size: 164KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ