3782574a3497d2f322a5aca2817d6fc456cde449170fd753c301e21db3592c5f

Sharing

Copy URL Twitter E-mail

General

Target

3782574a3497d2f322a5aca2817d6fc456cde449170fd753c301e21db3592c5f
Size

30KB
MD5

742a346c9c6d6b1c4d11de7fbe706020
SHA1

9b525947d407272c140051a430885501f2488644
SHA256

3782574a3497d2f322a5aca2817d6fc456cde449170fd753c301e21db3592c5f
SHA512

06eb513b884462320bb93693b16a7a38265884d31520e95fb1743a0b9ae5f1fb30a8259305f4b817817ed199eefe81a836ee1c44c778d81feaab82f99c227c00
SSDEEP

384:48C7em7OjKa0I2M//solSFG7vL3MBJ29+YbS0X1c1:48a7OjKa0Ih//solSFG7Iz29nbS0XC1

Score

N/A

Malware Config

Signatures

Files

3782574a3497d2f322a5aca2817d6fc456cde449170fd753c301e21db3592c5f
.exe windows x86

2a56bb14d626c256421718819bfebedc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

_except_handler3
ZwQuerySystemInformation
ExFreePool
_stricmp
strrchr
ExAllocatePoolWithTag
RtlFreeUnicodeString
IoCreateFile
RtlAnsiStringToUnicodeString
RtlInitAnsiString
IoFreeIrp
KeSetEvent
ObfDereferenceObject
KeWaitForSingleObject
IofCallDriver
KeGetCurrentThread
KeInitializeEvent
IoAllocateIrp
IoGetRelatedDeviceObject
ObReferenceObjectByHandle
IoFileObjectType
IofCompleteRequest
strncmp
IoGetCurrentProcess
IoDeleteDevice
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
ZwPulseEvent
ProbeForRead
MmFreePagesFromMdl
MmCreateMdl
KePulseEvent
KeInitializeTimer
KeInitializeMutex
KeInitializeSemaphore
MmMapIoSpace
KeTickCount
KeBugCheckEx

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 768B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sosata2
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sosata1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

trata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tqata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tpata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.toata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tnata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tmata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tlata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tkata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tjata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tiata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.thata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tgata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tfata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.teata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tcata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.taata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t9ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t8ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t7ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t6ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t5ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t4ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t3ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t2ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t1ata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ESTisb
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 896B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a56bb14d626c256421718819bfebedc

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 768B - Virtual size: 716B

sosata2 Size: 128B - Virtual size: 28B

sosata1 Size: 4KB - Virtual size: 4KB

trata Size: 256B - Virtual size: 256B

tqata Size: 256B - Virtual size: 256B

tpata Size: 256B - Virtual size: 256B

.toata Size: 256B - Virtual size: 256B

.tnata Size: 256B - Virtual size: 256B

.tmata Size: 256B - Virtual size: 256B

.tlata Size: 256B - Virtual size: 256B

.tkata Size: 256B - Virtual size: 256B

.tjata Size: 256B - Virtual size: 256B

.tiata Size: 256B - Virtual size: 256B

.thata Size: 256B - Virtual size: 256B

.tgata Size: 256B - Virtual size: 256B

.tfata Size: 256B - Virtual size: 256B

.teata Size: 256B - Virtual size: 256B

.tdata Size: 256B - Virtual size: 256B

.tcata Size: 256B - Virtual size: 256B

.tbata Size: 256B - Virtual size: 256B

.taata Size: 256B - Virtual size: 256B

.t9ata Size: 256B - Virtual size: 256B

.t8ata Size: 256B - Virtual size: 256B

.t7ata Size: 256B - Virtual size: 256B

.t6ata Size: 256B - Virtual size: 256B

.t5ata Size: 256B - Virtual size: 256B

.t4ata Size: 256B - Virtual size: 256B

.t3ata Size: 256B - Virtual size: 256B

.t2ata Size: 256B - Virtual size: 256B

.t1ata Size: 512B - Virtual size: 512B

.ESTisb Size: 2KB - Virtual size: 2KB

INIT Size: 1KB - Virtual size: 1KB

.reloc Size: 896B - Virtual size: 846B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 768B - Virtual size: 716B

sosata2
Size: 128B - Virtual size: 28B

sosata1
Size: 4KB - Virtual size: 4KB

trata
Size: 256B - Virtual size: 256B

tqata
Size: 256B - Virtual size: 256B

tpata
Size: 256B - Virtual size: 256B

.toata
Size: 256B - Virtual size: 256B

.tnata
Size: 256B - Virtual size: 256B

.tmata
Size: 256B - Virtual size: 256B

.tlata
Size: 256B - Virtual size: 256B

.tkata
Size: 256B - Virtual size: 256B

.tjata
Size: 256B - Virtual size: 256B

.tiata
Size: 256B - Virtual size: 256B

.thata
Size: 256B - Virtual size: 256B

.tgata
Size: 256B - Virtual size: 256B

.tfata
Size: 256B - Virtual size: 256B

.teata
Size: 256B - Virtual size: 256B

.tdata
Size: 256B - Virtual size: 256B

.tcata
Size: 256B - Virtual size: 256B

.tbata
Size: 256B - Virtual size: 256B

.taata
Size: 256B - Virtual size: 256B

.t9ata
Size: 256B - Virtual size: 256B

.t8ata
Size: 256B - Virtual size: 256B

.t7ata
Size: 256B - Virtual size: 256B

.t6ata
Size: 256B - Virtual size: 256B

.t5ata
Size: 256B - Virtual size: 256B

.t4ata
Size: 256B - Virtual size: 256B

.t3ata
Size: 256B - Virtual size: 256B

.t2ata
Size: 256B - Virtual size: 256B

.t1ata
Size: 512B - Virtual size: 512B

.ESTisb
Size: 2KB - Virtual size: 2KB

INIT
Size: 1KB - Virtual size: 1KB

.reloc
Size: 896B - Virtual size: 846B