f511cb97386dc5453c5c4a8a5d7c176453fa6a3e006085b8ba894ddeed8adc08

Sharing

Copy URL Twitter E-mail

General

Target

f511cb97386dc5453c5c4a8a5d7c176453fa6a3e006085b8ba894ddeed8adc08
Size

63KB
MD5

3f1067e19d6327bbe5e1bbebf21ea725
SHA1

3dd894bcf044c10b5cdd799be9732075552dbefd
SHA256

f511cb97386dc5453c5c4a8a5d7c176453fa6a3e006085b8ba894ddeed8adc08
SHA512

4a7f8052116ac355a5fbc77a5bfe5fa047dd6b8727cf5cf2d8eb936dde48ebd1888b0f7cc4e8ad28f3aa8deb67dff42dc244f0f6940faac99e35c82112598bdd
SSDEEP

1536:Whyxm23WmD5yv2i3pCQHj/oDTq3WtphTLzPM:WhyQBmCZpDLO1LzP

Score

N/A

Malware Config

Signatures

Files

f511cb97386dc5453c5c4a8a5d7c176453fa6a3e006085b8ba894ddeed8adc08
.exe windows x86

08f90a2668af8516df410a23ea629f42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hal

KfReleaseSpinLock
KfLowerIrql
KfRaiseIrql
KeGetCurrentIrql
KfAcquireSpinLock

ntoskrnl.exe

_alldiv
SeDeassignSecurity
RtlFreeOemString
RtlUpcaseUnicodeStringToOemString
DbgPrint
RtlAnsiStringToUnicodeString
RtlUnicodeStringToAnsiString
RtlOemStringToUnicodeString
RtlInitString
RtlUpperChar
MmMapLockedPagesSpecifyCache
RtlAppendStringToString
RtlInitAnsiString
strchr
strncpy
KeCancelTimer
ZwClose
ZwCancelTimer
ZwSetTimer
ZwCreateTimer
_aulldiv
_allmul
IofCompleteRequest
IofCallDriver
IoBuildDeviceIoControlRequest
ObfReferenceObject
IoGetDeviceObjectPointer
RtlInitUnicodeString
KeSetTimer
KeInitializeDpc
KeInitializeTimer
IoDeleteDevice
KeClearEvent
ExDeleteResourceLite
IoFreeIrp
IoGetRelatedDeviceObject
ProbeForWrite
_except_handler3
RtlCopyUnicodeString
DbgBreakPoint
ZwCreateKey
memchr
ZwReadFile
ZwQueryInformationFile
RtlFreeUnicodeString
ZwCreateFile
IoRemoveShareAccess
SeAssignSecurity
RtlExtendedLargeIntegerDivide
IoCheckShareAccess
SeAccessCheck
ObReferenceObjectByHandle
NtWaitForSingleObject
ZwDeviceIoControlFile
ZwCreateEvent
wcslen
ExfInterlockedPushEntryList
ExRaiseAccessViolation
MmUserProbeAddress
IoFileObjectType
PsGetCurrentThread
ExQueueWorkItem
KeInsertQueueDpc
IoAllocateIrp
RtlCompareUnicodeString
RtlAppendUnicodeStringToString
RtlIntegerToUnicodeString
RtlExtendedMagicDivide
MmBuildMdlForNonPagedPool
IoWriteErrorLogEntry
IoAllocateErrorLogEntry
swprintf
sprintf

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.PAGE1
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08f90a2668af8516df410a23ea629f42

Headers

File Characteristics

Imports

hal

ntoskrnl.exe

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 15KB

INIT Size: 1024B - Virtual size: 1024B

.reloc Size: 256B - Virtual size: 242B

.PAGE1 Size: 256B - Virtual size: 256B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 15KB

INIT
Size: 1024B - Virtual size: 1024B

.reloc
Size: 256B - Virtual size: 242B

.PAGE1
Size: 256B - Virtual size: 256B