74ecd5b8179708dcc1ffdd422e5b1891b3b0d1c5e94868301e6e0042d79c6260

General

Target

74ecd5b8179708dcc1ffdd422e5b1891b3b0d1c5e94868301e6e0042d79c6260
Size

183KB
MD5

57fa349e0c57f06d00dd5fb17a15c429
SHA1

489b7d33094a33f8b9b4a84b953d15ec3ed6e5b4
SHA256

74ecd5b8179708dcc1ffdd422e5b1891b3b0d1c5e94868301e6e0042d79c6260
SHA512

800091edd661f9801296d4862a31ce68f9a1e5b160ba51787fd6dac93d599611b95ae5275c5b4949e2125937a44c7b536cdc39f89bd9a5c24ae31575ef0c76b1
SSDEEP

3072:jR/4L8gCAzrWU7uVW0egfexWlyK4yOTFO+HLJJedbVTQiJTfZl:jVIpxWUy4gACyZTFOELDqTJr

Score

N/A

Malware Config

Signatures

Files

74ecd5b8179708dcc1ffdd422e5b1891b3b0d1c5e94868301e6e0042d79c6260
.dll windows x86

d91fc92bb805630b812c3f3b8baeace0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoGetRelatedDeviceObject
MmCanFileBeTruncated
ZwSetSecurityObject
IoGetRequestorProcess
RtlFillMemoryUlong
CcFlushCache
RtlExtendedIntegerMultiply
PsRevertToSelf
MmResetDriverPaging
IoInitializeRemoveLockEx
FsRtlNotifyUninitializeSync
IoStartNextPacket
KeReleaseMutex
IoInvalidateDeviceState
RtlDelete
RtlQueryRegistryValues
RtlCreateAcl
ObReferenceObjectByHandle
ZwReadFile
RtlSetDaclSecurityDescriptor
IoCheckEaBufferValidity
PsSetLoadImageNotifyRoutine
ExReleaseResourceLite
ZwWriteFile
ExDeleteNPagedLookasideList
IoReuseIrp
MmFreeNonCachedMemory
RtlSubAuthoritySid
strlen
RtlCheckRegistryKey
KeInitializeQueue
ObQueryNameString
IoGetStackLimits
PsGetProcessId
SeSetSecurityDescriptorInfo
PoCallDriver
IoQueryFileInformation

Sections

.fgghg
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uytu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmem
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d91fc92bb805630b812c3f3b8baeace0

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.fgghg Size: 1024B - Virtual size: 776B

.text Size: 29KB - Virtual size: 29KB

.uytu Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 876B

.vmem Size: - Virtual size: 8KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 1KB - Virtual size: 1KB

.fgghg
Size: 1024B - Virtual size: 776B

.text
Size: 29KB - Virtual size: 29KB

.uytu
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 876B

.vmem
Size: - Virtual size: 8KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 1KB - Virtual size: 1KB