73f1a2765d86821e711869f28fc6a0fa3b68b1a5b64f8efcb17f359c0e3fb647

Sharing

Copy URL Twitter E-mail

General

Target

73f1a2765d86821e711869f28fc6a0fa3b68b1a5b64f8efcb17f359c0e3fb647
Size

78KB
MD5

0703d045b5e88c20c74c5f61bf8dd634
SHA1

771a3b6784711c279fc65bb5c568223f1770de20
SHA256

73f1a2765d86821e711869f28fc6a0fa3b68b1a5b64f8efcb17f359c0e3fb647
SHA512

d8a75cb11390f5d8640e21867f00477f3289221e97f52a2c84dafe24fd8443213977384fbd7d51e46744e38ab9c72a90776b81a712c3ff3895d8139a714ecd63
SSDEEP

1536:g8k1BAVUfnmdpntv0cSayCO5MJsfWCS/pk2KuEM1F3tyUgCLKuRSp:HuAVinApn0ayCc+sfVSe2Ku11MCmuRK

Score

N/A

Malware Config

Signatures

Files

73f1a2765d86821e711869f28fc6a0fa3b68b1a5b64f8efcb17f359c0e3fb647
.dll windows x86

ca2e68548df283a2ffde283eaca5f0fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExFreePool
DbgPrint
IoGetAttachedDeviceReference
RtlUpperChar
IoRegisterBootDriverReinitialization
ZwSetInformationObject
IoAttachDeviceToDeviceStack
isupper
RtlCompressChunks
RtlImageNtHeader
ExRaiseStatus
NlsMbOemCodePageTag
SeCreateClientSecurityFromSubjectContext
ExAllocatePool
IoCreateDevice
memcpy
IoRegisterDriverReinitialization
MmGetPhysicalAddress
KefReleaseSpinLockFromDpcLevel

classpnp.sys

ClassResetMediaChangeTimer
ClassWmiCompleteRequest
ClassForwardIrpSynchronous
ClassCompleteRequest
ClassClaimDevice
ClassGetVpb
ClassSendStartUnit
ClassInitializeTestUnitPolling
ClassSendSrbAsynchronous
ClassBuildRequest
ClassDeviceControl
ClassCreateDeviceObject
ClassUpdateInformationInRegistry
ClassMarkChildrenMissing
ClassInitializeSrbLookasideList
ClassFindModePage
ClassDisableMediaChangeDetection
ClassModeSense
ClassInternalIoControl

hal

KfRaiseIrql
IoFlushAdapterBuffers
HalFreeCommonBuffer
READ_PORT_BUFFER_USHORT
HalAllocateCrashDumpRegisters
HalReadDmaCounter
HalAdjustResourceList
HalInitSystem
KfAcquireSpinLock
HalRequestIpi
KeTryToAcquireQueuedSpinLock
READ_PORT_UCHAR
HalSetBusData
WRITE_PORT_BUFFER_USHORT
IoFreeMapRegisters
HalQueryDisplayParameters
KfLowerIrql
HalAllocateAdapterChannel
HalTranslateBusAddress

Exports

Exports

KknrjbkFbtfwTjmogum
ByuztlEhcrTk
RjiuNpmbsqAqedgRk
Kozdcj

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca2e68548df283a2ffde283eaca5f0fa

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

classpnp.sys

hal

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 69KB - Virtual size: 161KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 38B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 69KB - Virtual size: 161KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 38B