9303c7da6d8e7b8723ed653a491c672e06da4a31318508db86ee2d7729d06f79 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9303c7da6d8e7b8723ed653a491c672e06da4a31318508db86ee2d7729d06f79
Size

134KB
MD5

af80be5bdbc0b565f4fc82a5b1024280
SHA1

e415bb4718ad8d979054a5dd24950497a505726b
SHA256

9303c7da6d8e7b8723ed653a491c672e06da4a31318508db86ee2d7729d06f79
SHA512

837b0162448eb45253cfe84ebfdb60d7fc184f56918eb61dcd0e4e15b95be80bf0f671db5b9c4f6693afc6f58997fe99c8ec9f6bac1869a5793c8e41ecc6ae8f
SSDEEP

3072:7rkyEMduNXt62/q+aE4eUm+5Z2XH7E1PPSfO7/UKNWBt6p4c:kfX/qs4XNn2Xbxc/SBt6p

Score

N/A

Malware Config

Signatures

Files

9303c7da6d8e7b8723ed653a491c672e06da4a31318508db86ee2d7729d06f79
.dll windows x86

bb59248e8c46c9c370c263f84c2d0a5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlAnsiCharToUnicodeChar
ExFreePoolWithTag
ObfReferenceObject
IoGetCurrentProcess
ObReferenceObjectByHandle
DbgPrint
ExInterlockedPopEntrySList
RtlSubAuthoritySid
MmMapLockedPagesSpecifyCache
strstr
IoFreeIrp
KeTickCount
SeTokenType
ZwQuerySecurityObject
IoAssignResources
RtlTimeToElapsedTimeFields
strncpy
ZwOpenKey
strncmp
KeBugCheckEx
KeQueryTimeIncrement
ExAllocatePoolWithTag
wcsncpy
_except_handler3
ZwQuerySystemInformation

Sections

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 640B - Virtual size: 633B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 768B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE