2077a493bd83f27931ec769f8ec6e19a

General

Target

2077a493bd83f27931ec769f8ec6e19a
Size

106KB
MD5

2077a493bd83f27931ec769f8ec6e19a
SHA1

4a6828fe1dc2f5187fec9b31a8bad125e3a6952f
SHA256

32c500e99ac920e3761a5d9fa65149860550fed467708f26115174192d0b0192
SHA512

e98c50e2c03129dd138c4f6cfbd9f7f529d37e51781a26692317137fe1b2dc80fdfbc482aea2dfc3247753028a92214ce3debc8a3e58c1129eece69cc2d1985c
SSDEEP

3072:5UFlGhIkp5/LmiW6JYHEd6BNzCIVnijEN:5th15zmizikcNzCEim

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2077a493bd83f27931ec769f8ec6e19a

Files

2077a493bd83f27931ec769f8ec6e19a
.dll windows:5 windows x86 arch:x86

6855681394b5719f10818c95d78a0a35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

PsSetLoadImageNotifyRoutine
IoAllocateMdl
RtlMapGenericMask
KeSynchronizeExecution
FsRtlAllocateFileLock
SeSetSecurityDescriptorInfo
IoUpdateShareAccess
MmAllocatePagesForMdl
RtlUnicodeToOemN
MmMapLockedPages
KeGetCurrentThread
RtlClearBits
RtlFindLeastSignificantBit
KeTickCount
KeSetImportanceDpc
RtlCreateSecurityDescriptor
CcFastCopyRead
IoCreateDevice
MmAllocateMappingAddress
ExGetSharedWaiterCount
CcMdlReadComplete
CcRemapBcb
RtlInitializeBitMap
KeWaitForMultipleObjects
IoGetDeviceProperty
IoGetTopLevelIrp
KeLeaveCriticalRegion
KeEnterCriticalRegion
PoStartNextPowerIrp
RtlDelete
RtlInt64ToUnicodeString
RtlInitString
MmUnlockPages
RtlFindLastBackwardRunClear
CcFastCopyWrite
MmProbeAndLockPages
IoIsWdmVersionAvailable
KefAcquireSpinLockAtDpcLevel
ExSystemTimeToLocalTime
RtlCompareString
IoGetStackLimits
SeOpenObjectAuditAlarm
RtlDeleteNoSplay
ZwAllocateVirtualMemory
FsRtlCheckLockForWriteAccess
RtlDeleteRegistryValue

Exports

Exports

?CrtPointerA@@YGGMJM<V
?CancelProcess@@YGPAEPAK<V
?CancelWindowInfoOld@@YGPANPAJ<V
?HideStringExW@@YGEI<V
?RtlFullNameExA@@YGPADGH<V
?DecrementWidthOriginal@@YGPAJMPAHPAK<V

Sections

.text
Size: 65KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6855681394b5719f10818c95d78a0a35

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 83KB

.text
Size: 65KB - Virtual size: 83KB