07caca61ca285d318b91bf662e29d3711f1fe1c4444f920ff9d65f5a3e49bf53

General

Target

07caca61ca285d318b91bf662e29d3711f1fe1c4444f920ff9d65f5a3e49bf53
Size

18KB
MD5

42ea287678455b81e27de5cd46ad662d
SHA1

34b0067aa3265a2ecfcef1d123a635da97c28c43
SHA256

07caca61ca285d318b91bf662e29d3711f1fe1c4444f920ff9d65f5a3e49bf53
SHA512

0298b54a2be9223f2310837c6c2009b40443b495740cb00cf8129ea9e76424ce9f1d14eceab6c79768e7c77644d1efd720451bcb8f37d68f42f9cbde6579f086
SSDEEP

384:TuJDsgF/I1LBz9/kVqLCc5NJnrW7uT+quEOjBMPV:SpsgF/KF9ZL3LBrezMPV

Score

N/A

Malware Config

Signatures

Files

07caca61ca285d318b91bf662e29d3711f1fe1c4444f920ff9d65f5a3e49bf53
.exe windows x86

10281fd36710073de578659cc14da8dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ataport.sys

AtaPortNotification
AtaPortWritePortUchar
AtaPortWritePortUlong
AtaPortGetPhysicalAddress
AtaPortConvertPhysicalAddressToUlong
AtaPortGetScatterGatherList
AtaPortReadPortUchar
AtaPortStallExecution
AtaPortGetParentBusType
AtaPortRequestCallback
AtaPortWritePortBufferUshort
AtaPortGetUnCachedExtension
AtaPortCompleteRequest
AtaPortReleaseRequestSenseIrb
AtaPortBuildRequestSenseIrb
AtaPortMoveMemory
AtaPortReadPortUshort
AtaPortReadPortBufferUshort
AtaPortCompleteAllActiveRequests
AtaPortInitialize
AtaPortGetDeviceBase
AtaPortDeviceStateChange

ntoskrnl.exe

KeTickCount

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10281fd36710073de578659cc14da8dd

Headers

DLL Characteristics

File Characteristics

Imports

ataport.sys

ntoskrnl.exe

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 512B - Virtual size: 174B

.data Size: 512B - Virtual size: 12B

INIT Size: 1024B - Virtual size: 872B

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 512B - Virtual size: 138B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 512B - Virtual size: 174B

.data
Size: 512B - Virtual size: 12B

INIT
Size: 1024B - Virtual size: 872B

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 512B - Virtual size: 138B