c3cb376ad13d644ff9c208b6672359d65dc479a0409ca133850c50660e82ff0d

General

Target

c3cb376ad13d644ff9c208b6672359d65dc479a0409ca133850c50660e82ff0d
Size

73KB
MD5

a4962c8ac199d513163b92ed77657faf
SHA1

e3926e316f202db11704a2186df61ee9e1645fb3
SHA256

c3cb376ad13d644ff9c208b6672359d65dc479a0409ca133850c50660e82ff0d
SHA512

f7b040864e5424e0745b127d05309bdaaf5337a30dbdcba1a0329b28057c2b7ceead6d670b22e8e36e37d4bfe399a839c9bcee5384262fc9519dd877edd12ca5
SSDEEP

1536:q364gAxTCTcykV9kmRqqNAzVQvci67XVVMsq2niN:/KUvkrkmRqYAScxzTCuu

Score

N/A

Malware Config

Signatures

Files

c3cb376ad13d644ff9c208b6672359d65dc479a0409ca133850c50660e82ff0d
.dll windows x86

571dd8aeff3405f93d1f04aaa167377a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

SeCaptureSubjectContext
SeDeleteObjectAuditAlarm
CcDeferWrite
IoBuildPartialMdl
IoFreeIrp
SeTokenIsRestricted
IoCheckShareAccess
IoGetLowerDeviceObject
ZwCreateSection
ZwQuerySymbolicLinkObject
KeEnterCriticalRegion
FsRtlNotifyInitializeSync
IoGetInitialStack
IoWMIRegistrationControl
ZwOpenSymbolicLinkObject
KeReadStateTimer
IoDeviceObjectType
KeGetCurrentThread
RtlGetVersion
MmUnlockPages
IoGetDmaAdapter
RtlUnicodeStringToInteger
SeSetSecurityDescriptorInfo
RtlUpcaseUnicodeString
ExIsProcessorFeaturePresent
RtlIsNameLegalDOS8Dot3
CcGetFileObjectFromBcb
KeInitializeDeviceQueue
ObfReferenceObject
KeDetachProcess
MmCanFileBeTruncated
ObReferenceObjectByPointer
IoThreadToProcess
KeTickCount
IoGetAttachedDevice
IofCallDriver
IoGetDeviceInterfaceAlias
FsRtlDeregisterUncProvider
IoInitializeIrp
DbgBreakPoint
KeLeaveCriticalRegion
RtlCreateSecurityDescriptor
ZwOpenFile
KeInsertByKeyDeviceQueue
IoVerifyVolume
IoDeleteController
CcMdlRead

Exports

Exports

?IsNotPenEx@@YGPAFIGPAJG<V
?DeleteDirectory@@YGXEPAGME<V
?IsNotCommandLineW@@YGPAIGMPAF<V
?PutMessageEx@@YGMPA_N<V
?PutObject@@YGPADFPAMPAJPA_N<V
?EnumConfigExW@

Sections

.text
Size: 65KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

571dd8aeff3405f93d1f04aaa167377a

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 89KB

.text
Size: 65KB - Virtual size: 89KB