d9332875dde91edf6d02caa0f7058068d26849dd8aa8145e46b92cec1351ce86

General

Target

d9332875dde91edf6d02caa0f7058068d26849dd8aa8145e46b92cec1351ce86
Size

21KB
MD5

8049366a56758005f9f01d3af4e358de
SHA1

e2ace57dc4a77572b59d4ec5a8eefba3c795b4fb
SHA256

d9332875dde91edf6d02caa0f7058068d26849dd8aa8145e46b92cec1351ce86
SHA512

0987450b2fcb0a103d85a0543ba2e349cc34f0b2aaf802f3e7f100e6524621055f7395fd1b221912e24fd1140cd77715a73bb73a82240c05042bc1cf406eaac7
SSDEEP

384:k+wR9FgMHOwaKoHBmm03hy/jso9uT+quEOjBMLk:k7/gMFWHSy/jso5zMQ

Score

N/A

Malware Config

Signatures

Files

d9332875dde91edf6d02caa0f7058068d26849dd8aa8145e46b92cec1351ce86
.exe windows x86

303c65bcd9f1158f3d59ab42242a5598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ataport.sys

AtaPortNotification
AtaPortWritePortUchar
AtaPortWritePortUlong
AtaPortGetPhysicalAddress
AtaPortConvertPhysicalAddressToUlong
AtaPortGetScatterGatherList
AtaPortReadPortUchar
AtaPortStallExecution
AtaPortGetParentBusType
AtaPortRequestCallback
AtaPortWritePortBufferUshort
AtaPortGetUnCachedExtension
AtaPortCompleteRequest
AtaPortMoveMemory
AtaPortCompleteAllActiveRequests
AtaPortReleaseRequestSenseIrb
AtaPortBuildRequestSenseIrb
AtaPortReadPortUshort
AtaPortReadPortBufferUshort
AtaPortInitialize
AtaPortGetDeviceBase
AtaPortDeviceStateChange

ntoskrnl.exe

KeTickCount

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

303c65bcd9f1158f3d59ab42242a5598

Headers

DLL Characteristics

File Characteristics

Imports

ataport.sys

ntoskrnl.exe

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 512B - Virtual size: 174B

.data Size: 512B - Virtual size: 12B

INIT Size: 1024B - Virtual size: 868B

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 512B - Virtual size: 138B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 512B - Virtual size: 174B

.data
Size: 512B - Virtual size: 12B

INIT
Size: 1024B - Virtual size: 868B

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 512B - Virtual size: 138B