69b62cfe6e33bad5217884512ae1591b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69b62cfe6e33bad5217884512ae1591b
Size

71KB
MD5

69b62cfe6e33bad5217884512ae1591b
SHA1

1245b66a0d6a701882361ae46002d781c37e46d7
SHA256

9e6b50f2c2bd57d71948964ee58035e963e95eff59510b9877f1bfa3d6147b9c
SHA512

60fddd9e5c0033f8d3d5c080eea8f84ec10c8798a9fb4c50230f3d9a8ac3ae4ea8b2ea585fe40d18342f368de88cb8c7033853f4ab9398b8c1592792040e530a
SSDEEP

1536:MpgNxTAmjJ+MFjXgR7yeCe4b2gTJMQSIP2OtkBvdQUvQOEbmu8O:M+xTzdz0yeqb2KJR+Ok/tenj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69b62cfe6e33bad5217884512ae1591b

Files

69b62cfe6e33bad5217884512ae1591b
.dll windows:4 windows x86 arch:x86

8536433ce16d5d0cd31f15b99a54b04e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

RtlInitUnicodeString
SeQuerySecurityDescriptorInfo
FsRtlLegalAnsiCharacterArray
RtlUlongByteSwap
IoWMIRegistrationControl

hal

HalStartProfileInterrupt
HalFlushCommonBuffer
HalQueryDisplayParameters
ExReleaseFastMutex
HalHandleNMI
READ_PORT_USHORT
HalSetBusData
WRITE_PORT_USHORT
KeAcquireSpinLockRaiseToSynch

Sections

.data
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ