7fb4f7bae05400bf56cc9eee9d1a250b9ffc6b08026d18fcc16b0a95a1bb9088

General

Target

7fb4f7bae05400bf56cc9eee9d1a250b9ffc6b08026d18fcc16b0a95a1bb9088
Size

47KB
MD5

917b07966b83c7a2b3552a026f89d820
SHA1

8ed2cf801340e48d1976434618ebc2d23202e2f4
SHA256

7fb4f7bae05400bf56cc9eee9d1a250b9ffc6b08026d18fcc16b0a95a1bb9088
SHA512

4fe126e4498f36cf93ccc475386ba5c67886bfccdc34fa6b1795faa287eb9e1342f321a7dd6facd4b043aece2088f9a7f02e6f42f366a4ec57af3eeee74600dc
SSDEEP

768:VSwPLbhFUUKrNan1qj2bsB8lo+v8sh4exirCGaxmGGPdG6LL+gPm0Oy+lJ5YLcly:1lbx0Uptvy+hUh

Score

N/A

Malware Config

Signatures

Files

7fb4f7bae05400bf56cc9eee9d1a250b9ffc6b08026d18fcc16b0a95a1bb9088
.exe windows x86

6b0cf233922f46bf4b1d6cc059dd788f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmIsAddressValid
ZwClose
ZwUnmapViewOfSection
swprintf
RtlInitUnicodeString
wcscat
wcscpy
ZwCreateFile
ZwSetValueKey
ZwOpenKey
ZwEnumerateKey
RtlAnsiStringToUnicodeString
ZwCreateKey
wcslen
_snprintf
ExFreePool
ExAllocatePoolWithTag
ZwQuerySystemInformation
ZwMapViewOfSection
ZwCreateSection
IoRegisterDriverReinitialization
strncmp
IoGetCurrentProcess
_wcsnicmp
PsGetVersion
_wcslwr
wcsncpy
PsTerminateSystemThread
_stricmp
strncpy
PsLookupProcessByProcessId
KeInitializeTimer
IofCompleteRequest
MmGetSystemRoutineAddress

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 128B - Virtual size: 111B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 832B - Virtual size: 804B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 928B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 736B - Virtual size: 730B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b0cf233922f46bf4b1d6cc059dd788f

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 39KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 4KB

PAGE Size: 128B - Virtual size: 111B

INIT Size: 832B - Virtual size: 804B

.rsrc Size: 928B - Virtual size: 912B

.reloc Size: 736B - Virtual size: 730B

.text
Size: 39KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 4KB

PAGE
Size: 128B - Virtual size: 111B

INIT
Size: 832B - Virtual size: 804B

.rsrc
Size: 928B - Virtual size: 912B

.reloc
Size: 736B - Virtual size: 730B