c4b67be54b05b2882b714d885ba9fbe8048abc1d95c658fe2d3f9dc814a4f710

Sharing

Copy URL Twitter E-mail

General

Target

c4b67be54b05b2882b714d885ba9fbe8048abc1d95c658fe2d3f9dc814a4f710
Size

131KB
MD5

642a510f1df1d3ad6f7ac12e4f31a350
SHA1

0d124dba30348eaf6ac1eca43f8b327359de13b1
SHA256

c4b67be54b05b2882b714d885ba9fbe8048abc1d95c658fe2d3f9dc814a4f710
SHA512

3818bb7d2e1e6eba39f5f3837d7038deac96c0f92e189130ec7b56e803d2ca5d7007e54ea6b7fcabd072ad28565807303e09135922a9ff544f2a3c7055b2db3d
SSDEEP

1536:isEnF0q9wXbof9W1ZdPuqQGQELyC8kgRAW95/aNtpeyl:ZqF0q6kfQMHNE+nAW95/yl

Score

N/A

Malware Config

Signatures

Files

c4b67be54b05b2882b714d885ba9fbe8048abc1d95c658fe2d3f9dc814a4f710
.exe windows x86

8fbba120a4ec3a0d3845f7e8185b99db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeBugCheckEx
KeTickCount
IofCompleteRequest
RtlInitUnicodeString
memmove
IoFreeMdl
memset
memcpy
MmMapLockedPagesSpecifyCache

hal

KfReleaseSpinLock
KfAcquireSpinLock

ndis.sys

NdisIMDeInitializeDeviceInstance
NdisOpenProtocolConfiguration
NdisReadConfiguration
NdisIMCancelInitializeDeviceInstance
NdisInitializeEvent
NdisAllocatePacketPoolEx
NdisOpenAdapter
NdisGetReceivedPacket
NdisAllocateMemoryWithTag
NdisCloseAdapter
NdisUnchainBufferAtFront
NdisFreePacket
NdisFreeMemory
NdisAllocateBuffer
NdisAllocatePacket
NdisAllocateMemory
NdisSetEvent
NdisMSetAttributesEx
NdisIMGetDeviceContext
NdisIMCopySendCompletePerPacketInfo
NdisIMCopySendPerPacketInfo
NdisIMGetCurrentPacketStack
NdisRequest
NdisMIndicateStatusComplete
NdisMIndicateStatus
NdisReturnPackets
NdisGetPoolFromPacket
NdisWaitEvent
NdisResetEvent
NdisCancelSendPackets
NdisFreePacketPool
NdisMDeregisterDevice
NdisIMDeregisterLayeredMiniport
NdisTerminateWrapper
NdisIMAssociateMiniport
NdisRegisterProtocol
NdisMRegisterUnloadHandler
NdisIMRegisterLayeredMiniport
NdisInitializeWrapper
NdisMRegisterDevice
NdisMSleep
NdisDeregisterProtocol
NdisDprFreePacket
NdisDprAllocatePacket
NdisIMNotifyPnPEvent
NdisReEnumerateProtocolBindings
NdisCloseConfiguration
NdisIMInitializeDeviceInstanceEx

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 389B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fbba120a4ec3a0d3845f7e8185b99db

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

ndis.sys

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 512B - Virtual size: 389B

.data Size: 512B - Virtual size: 180B

INIT Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 720B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 512B - Virtual size: 389B

.data
Size: 512B - Virtual size: 180B

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 720B