b308b5d3b6321677482b2a3b23dbd94bc5176ce58586f0d5278db2153e5676d3

General

Target

b308b5d3b6321677482b2a3b23dbd94bc5176ce58586f0d5278db2153e5676d3
Size

41KB
MD5

0707268a66fe53c829d6c3c01e55c5b8
SHA1

92ade6e426749b4f42412dfd0d8f59ab3158340b
SHA256

b308b5d3b6321677482b2a3b23dbd94bc5176ce58586f0d5278db2153e5676d3
SHA512

cd1fbea01d4f7c2ae76708bc8972d87ea12e63f9f0751fd9226da902341ada0bff5e994315549a9d5c22b5e2fc9b16927e6cbd973c378f34a17e5dd967780a7f
SSDEEP

384:PsIUaAvMkhWNMR9jedW4jBAvoGoNOcXfKpUMdcvmBxctULA3WTGJ3gknhCpsK2yi:0XdHQY9dvohNODUscw/A5d82yfqivZ

Score

N/A

Malware Config

Signatures

Files

b308b5d3b6321677482b2a3b23dbd94bc5176ce58586f0d5278db2153e5676d3
.dll windows x86

a9bb3194e5136ab0fdeea727145b3162

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlCreateUnicodeString
FsRtlFastUnlockSingle
ZwQueryVolumeInformationFile
RtlAnsiStringToUnicodeString
ExDeletePagedLookasideList
SeDeassignSecurity
MmUnmapLockedPages
IoAllocateErrorLogEntry
MmLockPagableSectionByHandle
RtlInitString
KeSetTargetProcessorDpc
IoGetDeviceObjectPointer
KeRestoreFloatingPointState
ZwOpenFile
IoCheckQuotaBufferValidity
RtlNtStatusToDosError
IoInvalidateDeviceRelations
ZwFreeVirtualMemory
KeSetTimer
ZwQuerySymbolicLinkObject
RtlInitializeUnicodePrefix
MmUnmapIoSpace
IoCheckEaBufferValidity
RtlTimeToSecondsSince1980
IoAllocateController

Exports

Exports

?ElzgIxNCeAsdpevjew@@YGJH@Z
?qpfdqMyNhOyd@@YGDF@Z
?hweeFAkTaWrxrinxuU@@YGMEM@Z
?ugDokzoNltDcbzflozV@@YGJPAKH@Z
?HxgQnzficukc@@YGMJ@Z

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9bb3194e5136ab0fdeea727145b3162

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.edata Size: 512B - Virtual size: 240B

.data Size: 2KB - Virtual size: 22KB

INIT Size: 9KB - Virtual size: 9KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.edata
Size: 512B - Virtual size: 240B

.data
Size: 2KB - Virtual size: 22KB

INIT
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 2KB - Virtual size: 1KB