93ad3e88e3536f14e57db8079c8c6d1e8ca7487681f17d67a227501fd51bb205

Sharing

Copy URL Twitter E-mail

General

Target

93ad3e88e3536f14e57db8079c8c6d1e8ca7487681f17d67a227501fd51bb205
Size

159KB
MD5

a2f4ad933a534d12fb3d45134832f1a9
SHA1

6dd474e8ccf3b3725ed3f68ef5b2dd2d44f49b18
SHA256

93ad3e88e3536f14e57db8079c8c6d1e8ca7487681f17d67a227501fd51bb205
SHA512

44a019febe10bea3febe2d846a28370e0a73753de2345066e87947f00dfe168773203381ba6d74d124c8c1a07a132ae93b42d74880eb4cad80a74430c9fb4a5c
SSDEEP

3072:BmeIzXYFqNb/KlhRnaRpY0Dv0DzxOpyveIn0C2cJaJFs0r9gkJKqDm+TAnBRjvt:BtIzIobyDh7zwA0C2ckJ4f+iBRjv

Score

N/A

Malware Config

Signatures

Files

93ad3e88e3536f14e57db8079c8c6d1e8ca7487681f17d67a227501fd51bb205
.dll windows x86

cd954713d8789c282e7b9a2d0e631ac7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwDeleteValueKey
ExSystemTimeToLocalTime
ExSetTimerResolution
RtlEqualUnicodeString
RtlTimeFieldsToTime
ZwOpenProcess
IoSetHardErrorOrVerifyDevice
RtlQueryRegistryValues
RtlInitUnicodeString
RtlEnumerateGenericTable
IoRegisterDeviceInterface
KeBugCheckEx
RtlFindLeastSignificantBit
IoRequestDeviceEject
ExLocalTimeToSystemTime

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itab
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.etab
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msd3
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msd1
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msd2
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msd4
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd954713d8789c282e7b9a2d0e631ac7

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 10KB - Virtual size: 10KB

.itab Size: 512B - Virtual size: 64B

.idata Size: 512B - Virtual size: 484B

.etab Size: 512B - Virtual size: 512B

.msd3 Size: 512B - Virtual size: 28B

.msd1 Size: 512B - Virtual size: 140B

.msd2 Size: 512B - Virtual size: 140B

.msd4 Size: 1024B - Virtual size: 674B

.data Size: 1KB - Virtual size: 41KB

.rsrc Size: 20KB - Virtual size: 20KB

.reloc Size: 1024B - Virtual size: 640B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 10KB - Virtual size: 10KB

.itab
Size: 512B - Virtual size: 64B

.idata
Size: 512B - Virtual size: 484B

.etab
Size: 512B - Virtual size: 512B

.msd3
Size: 512B - Virtual size: 28B

.msd1
Size: 512B - Virtual size: 140B

.msd2
Size: 512B - Virtual size: 140B

.msd4
Size: 1024B - Virtual size: 674B

.data
Size: 1KB - Virtual size: 41KB

.rsrc
Size: 20KB - Virtual size: 20KB

.reloc
Size: 1024B - Virtual size: 640B