b139afc50ecbb8d6a5f0d809c5b32576820e9339076ade7183bacb8088ae718b

General

Target

b139afc50ecbb8d6a5f0d809c5b32576820e9339076ade7183bacb8088ae718b
Size

56KB
MD5

6773c54e4dbacbd438a6f9d7c930c5b1
SHA1

160d72266bf33bed58fc0a26d4e57ded5a4d40ef
SHA256

b139afc50ecbb8d6a5f0d809c5b32576820e9339076ade7183bacb8088ae718b
SHA512

07ebe0371cd6b69ccd290c98ac3f4c6cdd132aaa36d501742d158709775ffc0ce613054d42304eaecd907ff20548eea0b8f281c7a3f224f9c69d23dd9ab4ef6c
SSDEEP

768:2ZmVsiQmoCd6bjG7WLfZ+EdBzD44JdeUAmA2nxTLOwVACr91geURgA+Lma2+IV1g:1cbjMCVdBzMudNu2HzMR/ay9b4Xky

Score

N/A

Malware Config

Signatures

Files

b139afc50ecbb8d6a5f0d809c5b32576820e9339076ade7183bacb8088ae718b
.exe windows x86

4ae3ac65e1d308c484c2d68c2035afc6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeBugCheckEx
READ_REGISTER_UCHAR
KeTickCount
_allshl
RtlAppendUnicodeToString
RtlEqualUnicodeString
RtlCompareMemory
KeQuerySystemTime
IoWMIWriteEvent
ExfInterlockedInsertHeadList
ZwCreateFile
ZwDeviceIoControlFile
ZwClose
ExInitializeNPagedLookasideList
ExDeleteNPagedLookasideList
ExInterlockedAddLargeInteger
KeEnterCriticalRegion
KeLeaveCriticalRegion
_aulldiv
_allmul
KeQueryInterruptTime
MmMapLockedPages
_alldiv
_allshr
RtlInitUnicodeString
RtlCompareUnicodeString
ExSetTimerResolution
KeQueryTimeIncrement
RtlCopyUnicodeString
RtlQueryRegistryValues
DbgPrint
KeInitializeSpinLock
ExfInterlockedInsertTailList
IofCompleteRequest
ExAllocatePoolWithTag
ExFreePoolWithTag
KefAcquireSpinLockAtDpcLevel
KefReleaseSpinLockFromDpcLevel

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeQueryPerformanceCounter

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.PAGE1
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4ae3ac65e1d308c484c2d68c2035afc6

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 15KB - Virtual size: 15KB

INIT Size: 1024B - Virtual size: 1024B

.reloc Size: 256B - Virtual size: 226B

.PAGE1 Size: 256B - Virtual size: 256B

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 15KB - Virtual size: 15KB

INIT
Size: 1024B - Virtual size: 1024B

.reloc
Size: 256B - Virtual size: 226B

.PAGE1
Size: 256B - Virtual size: 256B