c265d067adce8eeadb358888221a18b0

Sharing

Copy URL

Twitter E-mail

General

Target

c265d067adce8eeadb358888221a18b0
Size

106KB
MD5

c265d067adce8eeadb358888221a18b0
SHA1

459b6ff4fb15da419f46d492731a5d7cc610db45
SHA256

26c6bd8b7d3fb490c9a5fc085ad0e1989311068f0485af69d642c86f16a3daee
SHA512

ae71d688f74f11bb14c061215909c643c5a9bfb54b05b529db2ae460cc35ed324439ff8ab9562d24ca34622035a644dc7355ad7aa617929c771d55e2f4a39989
SSDEEP

3072:WnW8ONSUGL0ZFDkdgaKjJkNcbzCIVnijEN:2W8ONILgFDkdNcJzCEim

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c265d067adce8eeadb358888221a18b0

Files

c265d067adce8eeadb358888221a18b0
.dll windows:5 windows x86 arch:x86

43ee9314bdcc005919dfab03186ae7bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

L:\ieneakXxBtvq\brMOsANWyzsbr\lwpppydukMX\fllnfsxoJo.pdb

Imports

ntoskrnl.exe

RtlEqualString
FsRtlNotifyInitializeSync
RtlSubAuthoritySid
FsRtlGetNextFileLock
IoSetDeviceInterfaceState
RtlUpcaseUnicodeString
IoAttachDeviceToDeviceStack
CcDeferWrite
RtlInitAnsiString
KeSetPriorityThread
ExReinitializeResourceLite
RtlEqualSid
RtlInitString
ZwCreateSection
RtlInsertUnicodePrefix
RtlQueryRegistryValues
PoRegisterSystemState
FsRtlMdlWriteCompleteDev
RtlTimeToSecondsSince1980
RtlInitUnicodeString
RtlxAnsiStringToUnicodeSize
KeInsertByKeyDeviceQueue
RtlEqualUnicodeString
KeInitializeQueue
CcFastMdlReadWait

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ztest
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stest
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.srdat
Size: 1024B - Virtual size: 549B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43ee9314bdcc005919dfab03186ae7bc

Headers

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

Sections

.text Size: 14KB - Virtual size: 13KB

.idat Size: 512B - Virtual size: 104B

.idata Size: 1024B - Virtual size: 748B

.ztest Size: 512B - Virtual size: 192B

.stest Size: 512B - Virtual size: 192B

.init Size: 10KB - Virtual size: 9KB

.srdat Size: 1024B - Virtual size: 549B

.data Size: 2KB - Virtual size: 38KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 1024B - Virtual size: 556B

.text
Size: 14KB - Virtual size: 13KB

.idat
Size: 512B - Virtual size: 104B

.idata
Size: 1024B - Virtual size: 748B

.ztest
Size: 512B - Virtual size: 192B

.stest
Size: 512B - Virtual size: 192B

.init
Size: 10KB - Virtual size: 9KB

.srdat
Size: 1024B - Virtual size: 549B

.data
Size: 2KB - Virtual size: 38KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 1024B - Virtual size: 556B