c1cff890c4bf1ad4ae4c6fd21d49c02dea61b58566b6468815082c760f31826f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1cff890c4bf1ad4ae4c6fd21d49c02dea61b58566b6468815082c760f31826f
Size

30KB
MD5

15ac581da83be9144c3ca0bfeeabab9b
SHA1

5536c85f98ad3ef71a6b327ed1cb0e744a3dff83
SHA256

c1cff890c4bf1ad4ae4c6fd21d49c02dea61b58566b6468815082c760f31826f
SHA512

b5a50e2b74941f262d4f5d3c3fd7ed32bf13225f212385c61926eb371f45bb8ed1a53b3182e63d685ac4efaa25df49789d127d6b2eddf2fb434418d7551ca63c
SSDEEP

48:4dHdsz83i0ohRc1JtlsyTMNgWVpYRVavtK3auAEERFV:+9sA3johq9CsMdYN3auAEERFV

Score

N/A

Malware Config

Signatures

Files

c1cff890c4bf1ad4ae4c6fd21d49c02dea61b58566b6468815082c760f31826f
.exe windows x86

1e484aa476e511cfea3b69315ca5ad42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
DbgPrint
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
KeTickCount

Sections

.text
Size: 896B - Virtual size: 824B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 512B - Virtual size: 418B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 114B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ