c7f046db5d04ffc8d6745b232a150c9fff780fdafe21630b9d9294690f870e7b

General

Target

c7f046db5d04ffc8d6745b232a150c9fff780fdafe21630b9d9294690f870e7b
Size

445KB
MD5

d9a6afe2a592a59629be90119cb4748d
SHA1

3b63dede6f801e4d57b1068def21ee59406c06b0
SHA256

c7f046db5d04ffc8d6745b232a150c9fff780fdafe21630b9d9294690f870e7b
SHA512

6539f9fd03fb2236149b04290181e79870683765194f179d3928374a53390d81c03b188224d85f0272c5fbf5a90abf127d7fa6abfb49b216eb1e7646a0e4f2d6
SSDEEP

6144:5Hnl3kW9gqKt4ZiOuLyXBOG9xty6gJ3KKPrjBvQLDsKWBVk1R2YXmPErKFJ:5FbNEOuLyXBOG9Py6gJ3ZjBoCkrrk

Score

N/A

Malware Config

Signatures

Files

c7f046db5d04ffc8d6745b232a150c9fff780fdafe21630b9d9294690f870e7b
.dll windows x86

894ead0904a546f5877584bf3af307be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoGetTopLevelIrp
CcMapData
ExGetPreviousMode
IoGetDeviceProperty
PsCreateSystemThread
FsRtlNotifyUninitializeSync
RtlWriteRegistryValue
ObCreateObject
KeTickCount
KeEnterCriticalRegion
ZwReadFile
FsRtlIsFatDbcsLegal
IoBuildSynchronousFsdRequest
IoVerifyPartitionTable
ExRegisterCallback
KeInitializeSemaphore
SeLockSubjectContext
RtlAnsiStringToUnicodeString
RtlFindNextForwardRunClear
RtlCreateAcl
IoStartPacket
RtlGetVersion
KeSetBasePriorityThread
ExSetTimerResolution
ExRaiseAccessViolation
MmIsVerifierEnabled
SeCaptureSubjectContext
RtlCreateSecurityDescriptor
KeGetCurrentThread
CcFlushCache
IoBuildPartialMdl
KeInitializeQueue
ObReleaseObjectSecurity
ZwDeleteValueKey
FsRtlFastUnlockSingle
KeInitializeDpc
KeSetTargetProcessorDpc
KeLeaveCriticalRegion
MmUnmapReservedMapping
KeInitializeSpinLock
KeDelayExecutionThread
IoReleaseVpbSpinLock
IoDeleteDevice
ObReferenceObjectByHandle
ExDeleteResourceLite
MmMapLockedPagesSpecifyCache
ExAllocatePoolWithTag

Exports

Exports

?PutListExW@@YGPAIEH_N<V
?CallVersionOld@@YGPA_NPAHPAD<V
?FreeKeyboardA@@YGIPAJ<V
?DeleteFolderPath@@YGPAKGM_N<V
?IsDateTimeW@@YG_NJF<V
?InsertTextExA@@YGFKE<V

Sections

.text
Size: 64KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

894ead0904a546f5877584bf3af307be

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 85KB

.text
Size: 64KB - Virtual size: 85KB