31d3399cf7e4462a968bc27e49fb1917bddf2b98cdf238ca56dcffa4e0884c36

Sharing

Copy URL Twitter E-mail

General

Target

31d3399cf7e4462a968bc27e49fb1917bddf2b98cdf238ca56dcffa4e0884c36
Size

172KB
MD5

9dc829961c7bb8babaa9551ac2358e93
SHA1

7318a92761293b289716f309cc8415ebf3e8ca09
SHA256

31d3399cf7e4462a968bc27e49fb1917bddf2b98cdf238ca56dcffa4e0884c36
SHA512

50da5c329c24e45bffb44602466214d9d49cb84a65e94d2d49150f622c30a9ff19ee7628f81a62fe2a0a93bffd6a743f3428903597e3029eabb2f5368e399611
SSDEEP

3072:DgJq8h6+1lz0z5rSxMkb5im15PQznxFa32/vZGk/P/ypSABMgeI0J1vZPANJqR83:D3w/z0z5Gx5JP0Pa32HPNCS12NJf

Score

N/A

Malware Config

Signatures

Files

31d3399cf7e4462a968bc27e49fb1917bddf2b98cdf238ca56dcffa4e0884c36
.exe windows x86

3f9c372eb0b2ea940924a4e9b96d1857

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeQueryTimeIncrement
KeTickCount
memcpy
ExCreateCallback
ExRegisterCallback
memmove
memset
RtlQueryRegistryValues
swprintf
RtlInitUnicodeString
IoGetDeviceObjectPointer
ObfDereferenceObject
ExUnregisterCallback
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlCreateRegistryKey
RtlWriteRegistryValue
KeInitializeEvent
IoBuildDeviceIoControlRequest
_aulldiv
_aullrem
IofCallDriver
KeWaitForSingleObject
RtlGetVersion
MmMapIoSpace
MmUnmapIoSpace
DbgPrint
KeBugCheckEx
ExSystemTimeToLocalTime
_alldiv
_allrem
_allmul
KeQuerySystemTime

hal

KfLowerIrql
KeGetCurrentIrql
KfRaiseIrql

scsiport.sys

ScsiPortWriteRegisterUlong
ScsiPortReadRegisterUlong
ScsiPortWritePortUchar
ScsiPortMoveMemory
ScsiPortGetUncachedExtension
ScsiPortLogError
ScsiPortGetDeviceBase
ScsiPortGetBusData
ScsiPortValidateRange
ScsiPortGetPhysicalAddress
ScsiPortStallExecution
ScsiPortNotification
ScsiPortInitialize

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f9c372eb0b2ea940924a4e9b96d1857

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

scsiport.sys

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 81KB

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 81KB

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB