59be13f2c8390b7c0e024879c1bda5d89569e34ef1327a85c3fc2cc0c1655b9a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59be13f2c8390b7c0e024879c1bda5d89569e34ef1327a85c3fc2cc0c1655b9a
Size

3KB
MD5

160621f38ffeeae75d61c84bbfb5fd56
SHA1

50b3f0200e530e5f94808f3a8ac2d46420fff07d
SHA256

59be13f2c8390b7c0e024879c1bda5d89569e34ef1327a85c3fc2cc0c1655b9a
SHA512

e5dc11dac6ac806c6f7f304525146c19d7d7900f506a860143668e9873f4219e4d97b74633a5230801745a27667d943b6d1f8d6cb1db55d44303394facc37153

Score

N/A

Malware Config

Signatures

Files

59be13f2c8390b7c0e024879c1bda5d89569e34ef1327a85c3fc2cc0c1655b9a
.exe windows x86

c615d44bb4c517b8a946783ec8d23d44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntoskrnl.exe

IoCreateSymbolicLink
vsprintf
KeI386ReleaseGdtSelectors
KeI386SetGdtSelector
KeI386AllocateGdtSelectors
IoDeleteDevice
DbgPrint
RtlInitUnicodeString
IoCreateDevice
IofCompleteRequest
IoDeleteSymbolicLink

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 416B - Virtual size: 386B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 192B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ