a3312b0b46cbbaa077684fc07705d03f0fdbb155845a5a8140a291a066a9b9a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3312b0b46cbbaa077684fc07705d03f0fdbb155845a5a8140a291a066a9b9a4
Size

43KB
MD5

a53d66be376150650e717ca847f8f864
SHA1

79908d8ea419a645ee173883fa72b8c4610401f2
SHA256

a3312b0b46cbbaa077684fc07705d03f0fdbb155845a5a8140a291a066a9b9a4
SHA512

9a52100323c8edf2ffd3483b1f4b0045331431bbd2e2e66c8d59b228bca3d4751907c8112ace6c36ef8b1a5d06ed93d711d704ae19c6d017bbee1f77c571ed6f
SSDEEP

768:jO2gB20zY8AnvriplU2VHHF/r7poPGVZ6emTS9q+TX+VfvkoLhEULIOeU/:lg8cAjWU2V5PpMGj6rTkT+fvnLIOe

Score

N/A

Malware Config

Signatures

Files

a3312b0b46cbbaa077684fc07705d03f0fdbb155845a5a8140a291a066a9b9a4
.dll windows x86

e0a9993028103c2cfaff69dcee1cf07a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeGetCurrentThread
RtlUpcaseUnicodeChar
RtlInitUnicodeString

Exports

Exports

?DecodeArgumentA@@YG_KPAX@Z
?DecodeArgumentExW@@YG_KPAX@Z
?DecodeArgumentW@@YG_KPAX@Z

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 209B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE