5c9aa7816e6033386e89809bc3f45eef8155e9de | Triage

Sharing

General

Target

5c9aa7816e6033386e89809bc3f45eef8155e9de
Size

1KB
MD5

9dd39c5c2dc2a5dfd35cb03d1a18bd2b
SHA1

5c9aa7816e6033386e89809bc3f45eef8155e9de
SHA256

f27e8f398646c4af71bbf276986d43a744beccdb1c422406575ef8b2e887e258
SHA512

a2c498b5b8139f7d059b53b4b1d8ee9621ed4d889eba5afe6da85966ad9850a463f5238ad0e82a14ccae3d73990f561675d09c12f228ab33bb649dd57f7ae4e9

Score

N/A

Malware Config

Signatures

Files

5c9aa7816e6033386e89809bc3f45eef8155e9de
.exe windows x86

a94f8faa78b398502ce6c362bc6011e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwClose
ZwTerminateProcess
ZwOpenProcess
ZwQuerySystemInformation
ExAllocatePoolWithTag
ExFreePoolWithTag

Sections

.rdata
Size: 256B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 128B - Virtual size: 3B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ