b0dc561fac1d130f46d9a86c1d8845c50cba82e30ad23c8f1392e72586cb2dd4

Sharing

Copy URL Twitter E-mail

General

Target

b0dc561fac1d130f46d9a86c1d8845c50cba82e30ad23c8f1392e72586cb2dd4
Size

158KB
MD5

c3f9ffadee443cb30bc7a12a4f5c7774
SHA1

88a77da574d0f5869f4fde3a1f93f68b462dcffa
SHA256

b0dc561fac1d130f46d9a86c1d8845c50cba82e30ad23c8f1392e72586cb2dd4
SHA512

07c2a3fa030b15af65383606cad6b96d9df27201bef163764348237edea4f5532e89b63de43cb04ce8db95da82596b27edad63f2c71f9aa5c142e9e837d7a279
SSDEEP

3072:3wwuip0vXj2qiGwAqDwWQYVBbmFQaAbLQ3gS6XlxDy7hGE1:3ww50f1SAqz5VBbnbXlqh

Score

N/A

Malware Config

Signatures

Files

b0dc561fac1d130f46d9a86c1d8845c50cba82e30ad23c8f1392e72586cb2dd4
.dll windows x86

13291b9a4d2513143d18a82ab01c23aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwQueryValueKey
RtlInitAnsiString
PoSetPowerState
SeAccessCheck
IoInitializeTimer
PsTerminateSystemThread
RtlFindLeastSignificantBit
RtlLengthRequiredSid
ExInitializeResourceLite
IoQueueWorkItem
IoRegisterDeviceInterface
ExSetTimerResolution
ExVerifySuite
IoWMIRegistrationControl
IoStartNextPacket
PsGetCurrentProcessId
KeUnstackDetachProcess
IoStartPacket
RtlCopyString
IoCheckShareAccess
MmIsDriverVerifying
ExSystemTimeToLocalTime
ExLocalTimeToSystemTime
MmIsAddressValid

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i_txt
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e_txt
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele3
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele1
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tele2
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tele4
Size: 1024B - Virtual size: 625B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13291b9a4d2513143d18a82ab01c23aa

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 15KB - Virtual size: 15KB

.i_txt Size: 512B - Virtual size: 100B

.e_txt Size: 512B - Virtual size: 512B

.tele3 Size: 512B - Virtual size: 28B

.tele1 Size: 512B - Virtual size: 44B

.tele2 Size: 512B - Virtual size: 44B

.tele4 Size: 1024B - Virtual size: 625B

.data Size: 22KB - Virtual size: 68KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 628B

.text
Size: 15KB - Virtual size: 15KB

.i_txt
Size: 512B - Virtual size: 100B

.e_txt
Size: 512B - Virtual size: 512B

.tele3
Size: 512B - Virtual size: 28B

.tele1
Size: 512B - Virtual size: 44B

.tele2
Size: 512B - Virtual size: 44B

.tele4
Size: 1024B - Virtual size: 625B

.data
Size: 22KB - Virtual size: 68KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 628B