f2c09c3bf7babaff6ac304abca5c67b5a502000d7996678fce06b938039a8ddd

General

Target

f2c09c3bf7babaff6ac304abca5c67b5a502000d7996678fce06b938039a8ddd
Size

445KB
MD5

584ddd7b907146d21c840501689a4287
SHA1

b8d8a3194f7cec76addbb4f947aa2d4622567f17
SHA256

f2c09c3bf7babaff6ac304abca5c67b5a502000d7996678fce06b938039a8ddd
SHA512

62823c8e7ed71381d976c1786a60c3ff47e324de88dc4a2941e06d092b6e18c8c7977eec2ae17c0454b84f777f281b8b624b2e2e3c97c4a8a74ffe5adffc6e71
SSDEEP

12288:WRh0HkmtJjYVFLtYgG3e/KWuKfGXlgPZ9:IMJjFKKWuKfGXCh9

Score

N/A

Malware Config

Signatures

Files

f2c09c3bf7babaff6ac304abca5c67b5a502000d7996678fce06b938039a8ddd
.exe windows x86

26afc08037ad6e2729107fbf5e2ab646

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeBugCheckEx
KeTickCount
_allshl
RtlAppendUnicodeToString
READ_REGISTER_ULONG
RtlEqualUnicodeString
RtlCompareMemory
KeQuerySystemTime
IoWMIWriteEvent
ExfInterlockedInsertHeadList
ZwCreateFile
ZwDeviceIoControlFile
ZwClose
ExInitializeNPagedLookasideList
ExDeleteNPagedLookasideList
ExInterlockedAddLargeInteger
KeEnterCriticalRegion
KeLeaveCriticalRegion
_aulldiv
_allmul
KeQueryInterruptTime
MmMapLockedPages
_alldiv
_allshr
RtlInitUnicodeString
RtlCompareUnicodeString
ExSetTimerResolution
KeQueryTimeIncrement
RtlCopyUnicodeString
RtlQueryRegistryValues
DbgPrint

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeQueryPerformanceCounter

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.PAGE1
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

26afc08037ad6e2729107fbf5e2ab646

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 15KB

INIT Size: 1024B - Virtual size: 1024B

.reloc Size: 256B - Virtual size: 194B

.PAGE1 Size: 256B - Virtual size: 256B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 15KB

INIT
Size: 1024B - Virtual size: 1024B

.reloc
Size: 256B - Virtual size: 194B

.PAGE1
Size: 256B - Virtual size: 256B