acfa3adfc4b0f76a50c261e255dddb17e7c53d8e09f95aff19e6b339aaf531cf

General

Target

acfa3adfc4b0f76a50c261e255dddb17e7c53d8e09f95aff19e6b339aaf531cf
Size

106KB
MD5

78dbcb63919fac85278936a4e2a54078
SHA1

c261046529abdbe13d86f1e0f81c093e918d3cf2
SHA256

acfa3adfc4b0f76a50c261e255dddb17e7c53d8e09f95aff19e6b339aaf531cf
SHA512

6b83e2c373da325db498413d9b26789f277d0cae08a8793caaaa2f953007a289b583045450d2866912ba7a7c3401fa218bf90aadca0a6b7f76839c1e70c5627e
SSDEEP

3072:HzHSpFTMyutMIGeq6nrPElkNcAGtBvZBYHUg+:HzHAAXtHzPqKGt94Hg

Score

N/A

Malware Config

Signatures

Files

acfa3adfc4b0f76a50c261e255dddb17e7c53d8e09f95aff19e6b339aaf531cf
.exe windows x86

924213ff12d602074a33843162c9cb2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hal

KeAcquireQueuedSpinLock

ntoskrnl.exe

RtlInitUnicodeString
ZwCreateKey
ExInitializeZone
ZwQueryValueKey
RtlAddAccessAllowedAce
RtlCreateAcl
RtlLengthSid
SeExports
ObReleaseObjectSecurity
SeSetSecurityDescriptorInfo
ExAllocatePoolWithTag
RtlLengthSecurityDescriptor
ExInterlockedAddLargeInteger
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
ObGetObjectSecurity
IoDeleteDevice
ExDeleteNPagedLookasideList
IoQueueWorkItem
ZwNotifyChangeKey
MmPageEntireDriver
IoFreeWorkItem
ExInitializeNPagedLookasideList
IoAllocateWorkItem
IoCreateDevice
DbgBreakPoint
KeReadStateEvent
KePulseEvent
MmAdvanceMdl
KeBugCheckEx
ExInterlockedFlushSList
KeSetTimerEx
KeInitializeDpc
KeInitializeTimer
MmLockPagableDataSection
KeSetTimer
MmUnlockPagableImageSection
KeRemoveQueueDpc

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

924213ff12d602074a33843162c9cb2a

Headers

File Characteristics

Imports

hal

ntoskrnl.exe

Sections

.text Size: 37KB - Virtual size: 37KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 16KB

.INIT Size: 1024B - Virtual size: 1024B

.reloc Size: 256B - Virtual size: 224B

.text
Size: 37KB - Virtual size: 37KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 16KB

.INIT
Size: 1024B - Virtual size: 1024B

.reloc
Size: 256B - Virtual size: 224B