65941c24b75ec61929bf823a890a4c39094e8d797b7986bf5baf4bb6d0e8933c

General

Target

65941c24b75ec61929bf823a890a4c39094e8d797b7986bf5baf4bb6d0e8933c
Size

76KB
MD5

664b7d4c2a2f7548c373521aec754c66
SHA1

d701312d98cd2198077574481c22b268d9e6980f
SHA256

65941c24b75ec61929bf823a890a4c39094e8d797b7986bf5baf4bb6d0e8933c
SHA512

829128f92759b20ebd46ff48455a9accfb7c9fd7677f77f27189047860f43c52006004a6ef37cdc00982556325387701a13d6465722d0a4c476dab8f7fc58ab1
SSDEEP

1536:RgBs6yVTRb0A7nvPgO6iwYXbidJv3DJrRsbApxGHxeLRsM+t1nx:RgByVOu4OXidJvThIxetz+t1

Score

N/A

Malware Config

Signatures

Files

65941c24b75ec61929bf823a890a4c39094e8d797b7986bf5baf4bb6d0e8933c
.exe windows x86

ec6a457821303c3815efb515fc1562b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeBugCheckEx
KeTickCount
_allshl
RtlAppendUnicodeToString
RtlEqualUnicodeString
READ_REGISTER_UCHAR
RtlCompareMemory
KeQuerySystemTime
IoWMIWriteEvent
ExfInterlockedInsertHeadList
ZwCreateFile
ZwDeviceIoControlFile
ZwClose
ExInitializeNPagedLookasideList
ExDeleteNPagedLookasideList
ExInterlockedAddLargeInteger
KeEnterCriticalRegion
KeLeaveCriticalRegion
_aulldiv
_allmul
KeQueryInterruptTime
MmMapLockedPages
_alldiv
_allshr
RtlInitUnicodeString
RtlCompareUnicodeString
ExSetTimerResolution
KeQueryTimeIncrement
RtlCopyUnicodeString
RtlQueryRegistryValues
DbgPrint
KeInitializeSpinLock
ExfInterlockedInsertTailList
IofCompleteRequest
ExAllocatePoolWithTag
ExFreePoolWithTag
KefAcquireSpinLockAtDpcLevel
KefReleaseSpinLockFromDpcLevel

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeQueryPerformanceCounter

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.PAGE1
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ec6a457821303c3815efb515fc1562b4

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

INIT Size: 1024B - Virtual size: 1024B

.reloc Size: 256B - Virtual size: 226B

.PAGE1 Size: 256B - Virtual size: 256B

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

INIT
Size: 1024B - Virtual size: 1024B

.reloc
Size: 256B - Virtual size: 226B

.PAGE1
Size: 256B - Virtual size: 256B