0e26f5bae5f91987c846eb5c97f27277e8dadc514bfaf5a0fa129018bd93c7e2

General

Target

0e26f5bae5f91987c846eb5c97f27277e8dadc514bfaf5a0fa129018bd93c7e2
Size

63KB
MD5

6068655b256f6b70bc1f872dc2964822
SHA1

a067ae18c2d2a3034066e36fb00d0ec87eb7d957
SHA256

0e26f5bae5f91987c846eb5c97f27277e8dadc514bfaf5a0fa129018bd93c7e2
SHA512

9584a89cd35570d00e742edd0cef6593146b1cb27be2a0baf7af6f24ea703e87f0ab8a2ad047bd169496b3ac9f8cc474cb85b33678cc1ea85780aa14ae8589d5
SSDEEP

1536:ANC0PccXwTq0RkDYrCuEh4W1yjOWdZ/QT2y3x4xJImKiKqplTFzaGnqt/:ANHEYwT6j1HuZwB3UJImKiKqplTFzaGq

Score

N/A

Malware Config

Signatures

Files

0e26f5bae5f91987c846eb5c97f27277e8dadc514bfaf5a0fa129018bd93c7e2
.exe windows x86

696dec2fbe055dcf6076df7fd869f0c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeBugCheckEx
KeTickCount
_allshl
RtlAppendUnicodeToString
READ_REGISTER_UCHAR
RtlEqualUnicodeString
RtlCompareMemory
KeQuerySystemTime
IoWMIWriteEvent
ExfInterlockedInsertHeadList
ZwCreateFile
ZwDeviceIoControlFile
ZwClose
ExInitializeNPagedLookasideList
ExDeleteNPagedLookasideList
ExInterlockedAddLargeInteger
KeEnterCriticalRegion
KeLeaveCriticalRegion
_aulldiv
_allmul
KeQueryInterruptTime
MmMapLockedPages
_alldiv
_allshr
RtlInitUnicodeString
RtlCompareUnicodeString
ExSetTimerResolution
KeQueryTimeIncrement
RtlCopyUnicodeString
RtlQueryRegistryValues
DbgPrint
KeInitializeSpinLock
ExfInterlockedInsertTailList
IofCompleteRequest
ExAllocatePoolWithTag
ExFreePoolWithTag
KefAcquireSpinLockAtDpcLevel
KefReleaseSpinLockFromDpcLevel
InterlockedPushEntrySList
InterlockedPopEntrySList
IoWMIRegistrationControl
ZwLoadDriver

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeQueryPerformanceCounter

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 226B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.PAGE1
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

696dec2fbe055dcf6076df7fd869f0c8

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 15KB - Virtual size: 15KB

INIT Size: 1024B - Virtual size: 1024B

.reloc Size: 256B - Virtual size: 226B

.PAGE1 Size: 256B - Virtual size: 256B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 15KB - Virtual size: 15KB

INIT
Size: 1024B - Virtual size: 1024B

.reloc
Size: 256B - Virtual size: 226B

.PAGE1
Size: 256B - Virtual size: 256B