7d40537afcacdfcadb897085cf5a39a2aa8159b9158126936d5e0f415b450e4e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d40537afcacdfcadb897085cf5a39a2aa8159b9158126936d5e0f415b450e4e
Size

133KB
MD5

54f1349754431c34d0957c41b558d5c0
SHA1

1abf4fc552c20bac35017cc2e9f36a62918e627e
SHA256

7d40537afcacdfcadb897085cf5a39a2aa8159b9158126936d5e0f415b450e4e
SHA512

422a927aa53f7e9f41742b8e6543364125ad74dd2d614ca2a2a2c4cae86905113980d456080b7aacd530383b503e2c5787f831838ab043c4e860405cfdd0a8b3
SSDEEP

3072:+GrYaa7uOjeK57bZUjzK571336HMyM56//ae+itjqxc///////jJ0/QqC/S//K/I:+ctl83OjU75oMyM56//35tjqxc/////V

Score

N/A

Malware Config

Signatures

Files

7d40537afcacdfcadb897085cf5a39a2aa8159b9158126936d5e0f415b450e4e
.dll windows x86

7ad698ac90e40e57a84bfb89c4f5c19b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ObfReferenceObject
DbgPrint
RtlAnsiCharToUnicodeChar
strncmp
ExAllocatePoolWithTag
strstr
ZwQuerySystemInformation
IoGetCurrentProcess
wcsncpy
KeBugCheckEx
ExFreePoolWithTag
_except_handler3
KeQueryTimeIncrement
ObReferenceObjectByHandle
strncpy
MmMapLockedPagesSpecifyCache
KeTickCount

Sections

.data
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 160B - Virtual size: 149B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 544B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE