95a73e5134620ef2b81200cfdf20db227a494c7c125709a57ac6bbe1b1f1bfc5

General

Target

95a73e5134620ef2b81200cfdf20db227a494c7c125709a57ac6bbe1b1f1bfc5
Size

42KB
MD5

66ec8bae081000531a8a207a8a7c6803
SHA1

a510b4ef24bd3258b0463b279276615d9321ea61
SHA256

95a73e5134620ef2b81200cfdf20db227a494c7c125709a57ac6bbe1b1f1bfc5
SHA512

d4f3d879de9b811f2d2c2dbaff2a4417833888da6457a71dd39bfc3c33cc02ce9a209aebfaacc2fcd4a665307664ae5c2b6e640cc113a74c4a682a699510017b
SSDEEP

384:WTf/yBvHLeMVWUxxY9qh8rX2H/e832eZa:43qxWyWqhp/B2

Score

N/A

Malware Config

Signatures

Files

95a73e5134620ef2b81200cfdf20db227a494c7c125709a57ac6bbe1b1f1bfc5
.exe windows x86

f6ad1261937fddda3a0479ab9f3995f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

FsRtlDissectName
SeCaptureSubjectContext
KeRemoveQueue
InbvSetScrollRegion
IoRemoveShareAccess
_itoa
FsRtlIsTotalDeviceFailure
RtlDecompressChunks
IoFreeMdl
MmFreePagesFromMdl
InbvInstallDisplayStringFilter
RtlAllocateHeap
ZwWaitForMultipleObjects
ExSystemExceptionFilter
IoReportHalResourceUsage
RtlGetNextRange
ExFreePoolWithTag
FsRtlMdlReadCompleteDev
IoBuildSynchronousFsdRequest
ExInterlockedInsertHeadList
IoOpenDeviceInterfaceRegistryKey
IoAcquireVpbSpinLock
IoUnregisterFsRegistrationChange
strspn
MmSizeOfMdl
SeCreateAccessState
SeTokenImpersonationLevel
wcscpy
FsRtlFastCheckLockForRead
KeFindConfigurationNextEntry
IoAttachDeviceToDeviceStack
ExIsResourceAcquiredSharedLite
PsThreadType
ZwQueryVolumeInformationFile

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f6ad1261937fddda3a0479ab9f3995f9

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

CODE Size: 39KB - Virtual size: 39KB

INIT Size: 256B - Virtual size: 256B

.rsrc Size: 512B - Virtual size: 512B

.rsrc Size: 32B - Virtual size: 32B

.rdata Size: 1KB - Virtual size: 1KB

CODE
Size: 39KB - Virtual size: 39KB

INIT
Size: 256B - Virtual size: 256B

.rsrc
Size: 512B - Virtual size: 512B

.rsrc
Size: 32B - Virtual size: 32B

.rdata
Size: 1KB - Virtual size: 1KB