c9b36ae929d020240a91ff5200e8fe80 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9b36ae929d020240a91ff5200e8fe80
Size

40KB
MD5

c9b36ae929d020240a91ff5200e8fe80
SHA1

77942d4478e40c34ef5fd6b11ab5bc31674bb795
SHA256

a2d4ae8843e0924233cc3d6dd88a613cb62ec8155f93580a968f57d61199dfe3
SHA512

68b8bd86ff1e6e6360eee867a7aed7ec80cf2f6f36b95ad933fb9dec6f61e3f21052fee4172e2a4f440058e890b60363bb6b04e1e918525f385c75935ada7c85
SSDEEP

768:TkcLUgayfyGIRJza+MQkLuTWgcHwqeJv+183stOIa1PE6O3FP63eHU/TJP:TkcuGI/BMQBWlHXex+1rtOfETN63ewB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9b36ae929d020240a91ff5200e8fe80

Files

c9b36ae929d020240a91ff5200e8fe80
.dll windows:4 windows x86 arch:x86

f463a09ea4ca9fca32bf26b9eea799fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hal

HalMakeBeep
HalProcessorIdle
KeAcquireSpinLock
KfLowerIrql

ntoskrnl.exe

IoFreeIrp
KeUpdateRunTime
IoCreateDevice

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ