3b8f6844d9dfc5ec9ec4c5d9e2e235aae2c6ab5a6aa62588f3b0bab8b204e135

Sharing

Copy URL Twitter E-mail

General

Target

3b8f6844d9dfc5ec9ec4c5d9e2e235aae2c6ab5a6aa62588f3b0bab8b204e135
Size

26KB
MD5

6e22beab7dca92a366ba01bd454722eb
SHA1

21940b695eca3bc2ecb58ce86c8baf735478e81f
SHA256

3b8f6844d9dfc5ec9ec4c5d9e2e235aae2c6ab5a6aa62588f3b0bab8b204e135
SHA512

d66fc762188276f5773dcf7751051e4286c92c7bec6b82607594dd85b2b345efd4b1e48f71a346fd48ad283bed6a17a4387077db7191e34723a956b8b8634bab
SSDEEP

384:R+DL1MUxf4PJ+zzAb0WUHFxpDLT74aLcBd1cUfJKxpGCQjYsaOTLi88reZVHZAbq:oC2S4zjNxpDLk31xsJO6JreqbSYAEH

Score

N/A

Malware Config

Signatures

Files

3b8f6844d9dfc5ec9ec4c5d9e2e235aae2c6ab5a6aa62588f3b0bab8b204e135
.exe windows x86

9b13063ad9c25282736ca9ea09fe62eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ObfDereferenceObject
IoGetDeviceObjectPointer
RtlQueryRegistryValues
swprintf
MmPageEntireDriver
MmResetDriverPaging
IoWriteErrorLogEntry
IoAllocateErrorLogEntry
KeDelayExecutionThread
IoBuildDeviceIoControlRequest
RtlFreeUnicodeString
RtlCompareUnicodeString
ZwClose
KeSetTimer
ObReferenceObjectByHandle
ObfReferenceObject
RtlAnsiStringToUnicodeString
RtlInitAnsiString
sprintf
IoGetDmaAdapter
IoStopTimer
IoDisconnectInterrupt
IoAllocateAdapterChannel
KeResetEvent
IoStartNextPacket
IoSetHardErrorOrVerifyDevice
KeSynchronizeExecution
KeInsertQueueDpc
IoInitializeTimer
RtlInitUnicodeString
IoQueryDeviceDescription
IoConnectInterrupt
MmBuildMdlForNonPagedPool
IoAllocateMdl
IoFreeMdl
IoStartPacket
ExfInterlockedRemoveHeadList
ExfInterlockedInsertTailList
KeQuerySystemTime
IoDetachDevice
PoRequestPowerIrp
DbgBreakPoint
RtlCompareMemory
ZwSetValueKey
ZwOpenKey
memmove
IoStartTimer
KeTickCount
IoFreeIrp
IoAllocateIrp
IoGetAttachedDeviceReference
KeBugCheckEx
IofCallDriver
KeWaitForSingleObject
MmMapIoSpace
PoStartNextPowerIrp
PoCallDriver
IofCompleteRequest
ExAllocatePoolWithTag
KeSetEvent
IoCreateDevice
KeInitializeEvent
KeInitializeTimer
KeInitializeSpinLock
IoAttachDeviceToDeviceStack
IoDeleteDevice
KeInitializeDpc
ExFreePoolWithTag

hal

IoMapTransfer
IoFlushAdapterBuffers
HalGetInterruptVector
KfAcquireSpinLock
KfReleaseSpinLock
KeStallExecutionProcessor
KfRaiseIrql
IoFreeAdapterChannel
KfLowerIrql
READ_PORT_UCHAR
WRITE_PORT_UCHAR
ExAcquireFastMutex
ExReleaseFastMutex
HalTranslateBusAddress

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 384B - Virtual size: 326B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b13063ad9c25282736ca9ea09fe62eb

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 512B - Virtual size: 396B

.data Size: 256B - Virtual size: 242B

PAGE Size: 384B - Virtual size: 326B

INIT Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 512B - Virtual size: 396B

.data
Size: 256B - Virtual size: 242B

PAGE
Size: 384B - Virtual size: 326B

INIT
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 1KB - Virtual size: 1KB