4f0ac2a74ad02c47866f26076c51c1d25dadbbf44ea6bead19022b068ed3d5fe

General

Target

4f0ac2a74ad02c47866f26076c51c1d25dadbbf44ea6bead19022b068ed3d5fe
Size

49KB
MD5

63d084ae3460e3c0dca46733d4d6e010
SHA1

8385ef4253549680694743acb38ccd3b1a8b630d
SHA256

4f0ac2a74ad02c47866f26076c51c1d25dadbbf44ea6bead19022b068ed3d5fe
SHA512

67be49f96357aaeb908fb93d229a8b126a30ca4eab7b05615345848f61ef8bb4262c5555079e3be6a5ec417bf96845a5ccfa7ea77b07768e9d414b708e2b0583
SSDEEP

768:6gJm17XbqT+LWaL3gsqlZPKDssmrVr5rwr3rPrsp2TDUB2TDSgw7V0s2LxrBL/rO:6nDzLq1sdMB2Y/uEZsLiKrHWmjzC

Score

N/A

Malware Config

Signatures

Files

4f0ac2a74ad02c47866f26076c51c1d25dadbbf44ea6bead19022b068ed3d5fe
.exe windows x86

15d8364303846b4ad29f27102a3adec5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

scsiport.sys

ScsiPortStallExecution
ScsiPortSetBusDataByOffset
ScsiPortReadPortBufferUshort
ScsiPortWritePortBufferUshort
ScsiPortWritePortUlong
ScsiPortNotification
ScsiPortReadPortUshort
ScsiPortReadPortUchar
ScsiPortMohX�@mosy
ScsiPortLogError
ScsiPortReadPortBufferUchar
ScsiPortWritePortBufferUchar
ScsiPortConvertUlongToPhysicalAddress
ScsiPortGetDeviceBase
ScsiPortInitialize
ScsiPortWritePortUchar
ScsiPortCompleteRequest
ScsiPortGetBusData

ntoskrnl.exe

RtlWriteRegistryValue
KeTickCount
MmGetPhysicalAddress

hal

READ_PORT_ULONG
WRITE_PORT_ULONG

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 481B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 896B - Virtual size: 804B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 896B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 768B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15d8364303846b4ad29f27102a3adec5

Headers

File Characteristics

Imports

scsiport.sys

ntoskrnl.exe

hal

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 512B - Virtual size: 481B

.data Size: 1024B - Virtual size: 928B

INIT Size: 896B - Virtual size: 804B

.rsrc Size: 896B - Virtual size: 856B

.reloc Size: 768B - Virtual size: 704B

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 512B - Virtual size: 481B

.data
Size: 1024B - Virtual size: 928B

INIT
Size: 896B - Virtual size: 804B

.rsrc
Size: 896B - Virtual size: 856B

.reloc
Size: 768B - Virtual size: 704B