42baa38a60c29e273b469cd538df2c3eddff0dbc | Triage

Sharing

General

Target

42baa38a60c29e273b469cd538df2c3eddff0dbc
Size

1KB
MD5

579b6c52a4477a5cd6c401b3c9d20fe7
SHA1

42baa38a60c29e273b469cd538df2c3eddff0dbc
SHA256

a921abc7f874d6e14c0260e0d2e563644817d019a06e29dc29652161e4d4cc25
SHA512

8f700a37d8b1dd81feadda89d9aeaa3183cb37c3c8fc866a6de62273f6af2d93c0b58f8befe14be3ff531dee9e6c3c7704ea7fd27d4087d447ec0ca0f7d5e595

Score

N/A

Malware Config

Signatures

Files

42baa38a60c29e273b469cd538df2c3eddff0dbc
.exe windows x86

a94f8faa78b398502ce6c362bc6011e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwClose
ZwTerminateProcess
ZwOpenProcess
ZwQuerySystemInformation
ExAllocatePoolWithTag
ExFreePoolWithTag

Sections

.rdata
Size: 256B - Virtual size: 131B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 128B - Virtual size: 3B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 768B - Virtual size: 722B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ