934fa11016d09cb302d6bcbc1f3f1fe373881f06bd66cd36c3756a30e1ff0679 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

934fa11016d09cb302d6bcbc1f3f1fe373881f06bd66cd36c3756a30e1ff0679
Size

22KB
MD5

5fb50ed775dc9d1272356ffc5709da9b
SHA1

1197a837d28d47cc311761370481addd27e7898d
SHA256

934fa11016d09cb302d6bcbc1f3f1fe373881f06bd66cd36c3756a30e1ff0679
SHA512

bc5d41210d2aa191b385f0d785a936727bab4c6ae29ad91b5a24a12c94eb8224fb5f391c26c73522644ee6e5b3aae6cebf10e2ce0c1ee1c907abfd6376535223
SSDEEP

384:MUxJ7GWJx/wuyLo71ingAz2C90oQ2Fc6zQqtwkFzlEFmLU70l8P2e:MMJ7GWJVP/x21KCOo9FJUqyslEsw5Oe

Score

N/A

Malware Config

Signatures

Files

934fa11016d09cb302d6bcbc1f3f1fe373881f06bd66cd36c3756a30e1ff0679
.exe windows x86

8885c2613d072006e52968e2a2482e00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmGetSystemRoutineAddress
RtlInitUnicodeString
ExAllocatePoolWithTag
_except_handler3
ExFreePoolWithTag

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 194B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ