8c69540b8cee01445be38861f43affe8

General

Target

8c69540b8cee01445be38861f43affe8
Size

33KB
MD5

8c69540b8cee01445be38861f43affe8
SHA1

b4624cbb7438dd8ad83d1ea25706a5988e73a43d
SHA256

0e9a1445941898c6962a8122ea7f05793516a2d7ae7d444ebfa463bff8854a51
SHA512

21dbf01854a45e5f11b38fe3972522479c8271c75c08e8120c7480fd9aac4b8aad7027f7501b0c53ec9bd42f67d4a2de8966a5c5519140eb22bc47e08638b7a8
SSDEEP

768:pPwbjVmkNICtNeOoGVYMzhdzUfkmW0OL/QoIenTff:p4VmVUWGBptUoIO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c69540b8cee01445be38861f43affe8

Files

8c69540b8cee01445be38861f43affe8
.dll windows:5 windows x86 arch:x86

ef7a33a8e062ca142c25010a3ce92591

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

MmResetDriverPaging
MmUnlockPagableImageSection
MmPageEntireDriver
MmCreateMdl
MmLockPagableDataSection
ZwFsControlFile
VerSetConditionMask
IoBuildPartialMdl
MmMapVideoDisplay
RtlSetDaclSecurityDescriptor
RtlQueryRegistryValues
RtlUnicodeStringToAnsiString
RtlInitString
RtlCompareString
RtlFreeUnicodeString
ZwSetEvent
KeGetCurrentThread
_vsnwprintf
RtlLookupElementGenericTable
RtlFreeAnsiString
RtlCopyString
_wcsrev
RtlCompareMemory
RtlEqualString
strrchr
KeTickCount
wcsspn
ZwQueryInformationFile
DbgPrintEx
RtlRealPredecessor
ZwEnumerateKey
memset

Exports

Exports

__NtLockFile@4
__NtOpenFile@0
__NtQueryDirectoryFile@4

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ex_dat
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef7a33a8e062ca142c25010a3ce92591

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.ex_dat Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 320B

PAGE Size: 21KB - Virtual size: 21KB

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 446B

.text
Size: 3KB - Virtual size: 2KB

.ex_dat
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 320B

PAGE
Size: 21KB - Virtual size: 21KB

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 446B