3d8d6cc169810b772eeee711f02100a3

Sharing

Copy URL Twitter E-mail

General

Target

3d8d6cc169810b772eeee711f02100a3
Size

57KB
MD5

3d8d6cc169810b772eeee711f02100a3
SHA1

635562aa9adc6a9ab0e0365a49906acd9b8ccfd3
SHA256

5b71eed6089cc7033c7fbef84969c5ab14112624cb6b2f8787681a78499794f4
SHA512

08cbfdaafb5b76041099f5aa7a1ecc88fd2bc396b5a3beb6fb083e1d12ab18df5ee392560ec2e0937402634d72400be591f6ac3da3f28427191dc2488c9981d5
SSDEEP

1536:URSYI49h34JeVh5sVCwWoyWJzNIL90NZywrYHa2DCGQGQJIjwdU5K:URSYI49h3Z8gf6wGmRHa2eGFwdkK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d8d6cc169810b772eeee711f02100a3

Files

3d8d6cc169810b772eeee711f02100a3
.dll windows:5 windows x86 arch:x86

caed25933f50aeb3df5360eb6ddad837

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

RtlGetVersion
KeReadStateMutex
PoRegisterSystemState
KeSetEvent
RtlInitUnicodeString
RtlInitAnsiString
IoCancelIrp
RtlInitString
RtlAreBitsClear
IoGetBootDiskInformation
KeDeregisterBugCheckCallback
PsGetCurrentThreadId
ExNotifyCallback
KeInitializeApc
RtlUpcaseUnicodeString
IoAllocateMdl
RtlUnicodeToMultiByteN
RtlEqualString
RtlClearBits
RtlxAnsiStringToUnicodeSize
IoAllocateController
KeInitializeTimer
RtlEqualUnicodeString
RtlFindUnicodePrefix
SeCaptureSubjectContext

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ztest
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stest
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.srdat
Size: 512B - Virtual size: 359B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

caed25933f50aeb3df5360eb6ddad837

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 12KB - Virtual size: 11KB

.idat Size: 512B - Virtual size: 104B

.idata Size: 1024B - Virtual size: 696B

.ztest Size: 512B - Virtual size: 192B

.stest Size: 512B - Virtual size: 192B

.init Size: 10KB - Virtual size: 9KB

.srdat Size: 512B - Virtual size: 359B

.data Size: 2KB - Virtual size: 40KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 512B - Virtual size: 500B

.text
Size: 12KB - Virtual size: 11KB

.idat
Size: 512B - Virtual size: 104B

.idata
Size: 1024B - Virtual size: 696B

.ztest
Size: 512B - Virtual size: 192B

.stest
Size: 512B - Virtual size: 192B

.init
Size: 10KB - Virtual size: 9KB

.srdat
Size: 512B - Virtual size: 359B

.data
Size: 2KB - Virtual size: 40KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 512B - Virtual size: 500B