1b58f0abc3a6be1514afceb10493ba7e0eb195ed68f5951e3892c49e96d96914

General

Target

1b58f0abc3a6be1514afceb10493ba7e0eb195ed68f5951e3892c49e96d96914
Size

46KB
MD5

64a838d53edac64a2ec6bf87afa38c81
SHA1

2010c13220322576517a67a1a41a66d0cc052a90
SHA256

1b58f0abc3a6be1514afceb10493ba7e0eb195ed68f5951e3892c49e96d96914
SHA512

fa5f3ab6cfc9223911cce91b989fe78e781549c0a15f471a308d70bf4c701de95ca822529f754907cdd41ad41b9533ca6564b91c6a9964a834048b1575371bfc
SSDEEP

768:kcFYGW0YpooFsCgsno5vxRQvXKq6wDm5ht5mnOROxcJLOcSN3YVSXZqszc05iF:kuYG6pesotxRQvXz6Km+nOROiLOcSN3o

Score

N/A

Malware Config

Signatures

Files

1b58f0abc3a6be1514afceb10493ba7e0eb195ed68f5951e3892c49e96d96914
.exe windows x86

8b1d04d154f3b4d41cbc6acc9f2e5db7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

scsiport.sys

ScsiPortReadPortUlong
ScsiPortStallExecution
ScsiPortSetBusDataByOffset
ScsiDebugPrint
ScsiPortGetVirtualAddress
ScsiPortGetPhysicalAddress
ScsiPortMoveMemory
ScsiPortReadPortUshort
ScsiPortWritePortBufferUshort
ScsiPortWritePortUlong
ScsiPortWritePortBufferUlong
ScsiPortReadPortBufferUlong
ScsiPortNotification
ScsiPortCompleteRequest
ScsiPortGetUncachedExtension
ScsiPortGetDeviceBase
ScsiPortLogError
ScsiPortInitialize
ScsiPortGetBusData
ScsiPortReadPortUchar
ScsiPortReadPortBufferUshort
ScsiPortWritePortUchar

ntoskrnl.exe

DbgPrint
KeBugCheckEx
KeTickCount

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 231B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 70B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 890B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b1d04d154f3b4d41cbc6acc9f2e5db7

Headers

DLL Characteristics

File Characteristics

Imports

scsiport.sys

ntoskrnl.exe

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 512B - Virtual size: 231B

.data Size: 512B - Virtual size: 70B

INIT Size: 1024B - Virtual size: 890B

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 1024B - Virtual size: 824B

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 512B - Virtual size: 231B

.data
Size: 512B - Virtual size: 70B

INIT
Size: 1024B - Virtual size: 890B

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 1024B - Virtual size: 824B