a3cb081b4ffaa3c8a77bb4b324af6e4648c267bc2f007a818c348c8cf3723ae4

Sharing

Copy URL Twitter E-mail

General

Target

a3cb081b4ffaa3c8a77bb4b324af6e4648c267bc2f007a818c348c8cf3723ae4
Size

56KB
MD5

72d7549b5d82b6dc538aa657720e982e
SHA1

5e51e0104b3e167b79a97b2b6cf1d325079f7d86
SHA256

a3cb081b4ffaa3c8a77bb4b324af6e4648c267bc2f007a818c348c8cf3723ae4
SHA512

7772441d847766a98338f30d9a6923d399938e6eabf18889581f88b3bc7ee8b2cde135a261ef2fe46bff9dc9a72bad3a4c365e88e2bcea78b923439385a135bf
SSDEEP

768:4vM9HDkL0716NBg4bI8kyZN5GeLuAtbwGf+MhVxcs8Km5keq2ZX2PTYnGNWBcqwz:QNXtNvq5Y0qtoKTITYCbJy6

Score

N/A

Malware Config

Signatures

Files

a3cb081b4ffaa3c8a77bb4b324af6e4648c267bc2f007a818c348c8cf3723ae4
.exe windows x86

f60ea72a595b25ed2508cd0ace948e2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
IoGetDeviceInterfaces
wcslen
WmiQueryTraceInformation
IoWMIRegistrationControl
RtlCopyUnicodeString
ExAllocatePoolWithTag
IoGetDriverObjectExtension
IoAllocateDriverObjectExtension
IofCallDriver
IoDeleteDevice
IoDetachDevice
PsCreateSystemThread
KeInitializeSpinLock
IoInitializeRemoveLockEx
KeInitializeEvent
IoAttachDeviceToDeviceStack
IoCreateDevice
IoReleaseRemoveLockEx
KeSetEvent
KeWaitForSingleObject
IofCompleteRequest
IoAcquireRemoveLockEx
IoUnregisterPlugPlayNotification
IoReleaseRemoveLockAndWaitEx
IoRegisterPlugPlayNotification
ExfInterlockedInsertTailList
ZwCreateFile
ExfInterlockedRemoveHeadList
KeQueryTimeIncrement
KeTickCount
KeWaitForMultipleObjects
KeSetPriorityThread
KeGetCurrentThread
_alldiv
_allmul
IoReuseIrp
IoFreeMdl
IoFreeIrp
MmBuildMdlForNonPagedPool
IoAllocateMdl
IoAllocateIrp
KeClearEvent
IoBuildDeviceIoControlRequest
RtlQueryRegistryValues
ZwOpenKey
IoOpenDeviceRegistryKey
RtlWriteRegistryValue
ZwCreateKey
_aulldiv
PoCallDriver
PoStartNextPowerIrp
IoInitializeIrp
KeBugCheckEx
ExFreePoolWithTag
ObReferenceObjectByHandle
ZwClose
ObfDereferenceObject
IoGetRelatedDeviceObject
WmiTraceMessage
IoAllocateErrorLogEntry
PsTerminateSystemThread
IoWriteErrorLogEntry

hal

KfAcquireSpinLock
KfReleaseSpinLock

wmilib.sys

WmiCompleteRequest
WmiSystemControl

ks.sys

KsCreatePin
KsSynchronousIoControlDevice

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGERW
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGECONS
Size: 256B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f60ea72a595b25ed2508cd0ace948e2d

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

wmilib.sys

ks.sys

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

PAGE Size: 33KB - Virtual size: 33KB

PAGERW Size: 1KB - Virtual size: 1KB

PAGECONS Size: 256B - Virtual size: 208B

INIT Size: 2KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

PAGE
Size: 33KB - Virtual size: 33KB

PAGERW
Size: 1KB - Virtual size: 1KB

PAGECONS
Size: 256B - Virtual size: 208B

INIT
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 3KB