7ec31677790253ab7c29570168a0013ca2e2e8bbe6a3861e51e8ad71d1a5941e

Sharing

Copy URL Twitter E-mail

General

Target

7ec31677790253ab7c29570168a0013ca2e2e8bbe6a3861e51e8ad71d1a5941e
Size

42KB
MD5

a32f05f10c96775182df1863386ef5e0
SHA1

db9656e0f6b22c40ca974e12a588497af97df2a2
SHA256

7ec31677790253ab7c29570168a0013ca2e2e8bbe6a3861e51e8ad71d1a5941e
SHA512

bec1fbbf69efe0b3ba8306f519c1b17a4e5dbf0ecbfff51b0edff63b5c200e90477265f0b089a3d1ca11cf713e8c1561c1fb54a45c2288aee0cd14f16ef16687
SSDEEP

768:KPlIAI+740940940940940940940ZHyc/NmbIyv6ur2a:KP+AIBFci683

Score

N/A

Malware Config

Signatures

Files

7ec31677790253ab7c29570168a0013ca2e2e8bbe6a3861e51e8ad71d1a5941e
.exe windows x86

157084b9581f7e922467c94c39875fb8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlAnsiStringToUnicodeString
RtlInitAnsiString
IoFreeIrp
KeSetEvent
ObfDereferenceObject
KeWaitForSingleObject
IofCallDriver
KeGetCurrentThread
KeInitializeEvent
IoAllocateIrp
IoGetRelatedDeviceObject
ObReferenceObjectByHandle
IoFileObjectType
IoCreateFile
IoGetCurrentProcess
_strlwr
ZwQuerySystemInformation
strrchr
IoDeleteDevice
IoDeleteSymbolicLink
ZwCreateFile
ZwPulseEvent
IoCreateSymbolicLink
IoCreateDevice
MmUserProbeAddress
RtlFreeUnicodeString
ZwClose
IofCompleteRequest
_stricmp
strncmp
_except_handler3

hal

KfReleaseSpinLock
KeRaiseIrqlToDpcLevel
KfLowerIrql
KeGetCurrentIrql
KfAcquireSpinLock

Sections

e6ypYhs
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1wata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1vata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1uata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1tata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1sata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1rata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1qata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1pata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1oata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1nata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1mata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1lata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1kata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1jata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1iata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1hata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1gata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1fata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1eata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1data
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1cata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1bata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t1aata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t19ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t18ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t17ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t16ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t15ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t14ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t13ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t12ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

t11ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tzata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tyata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

txata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

twata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tvata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tuata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ttata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tsata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

trata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tqata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tpata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.toata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tnata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tmata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tlata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tkata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tjata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tiata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.thata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tgata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tfata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.teata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tdata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tcata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tbata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.taata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t9ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t8ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t7ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t6ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t5ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t4ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t3ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t2ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t1ata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 960B - Virtual size: 930B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 928B - Virtual size: 922B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

157084b9581f7e922467c94c39875fb8

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

e6ypYhs Size: 17KB - Virtual size: 17KB

t1wata Size: 256B - Virtual size: 256B

t1vata Size: 256B - Virtual size: 256B

t1uata Size: 256B - Virtual size: 256B

t1tata Size: 256B - Virtual size: 256B

t1sata Size: 256B - Virtual size: 256B

t1rata Size: 256B - Virtual size: 256B

t1qata Size: 256B - Virtual size: 256B

t1pata Size: 256B - Virtual size: 256B

t1oata Size: 256B - Virtual size: 256B

t1nata Size: 256B - Virtual size: 256B

t1mata Size: 256B - Virtual size: 256B

t1lata Size: 256B - Virtual size: 256B

t1kata Size: 256B - Virtual size: 256B

t1jata Size: 256B - Virtual size: 256B

t1iata Size: 256B - Virtual size: 256B

t1hata Size: 256B - Virtual size: 256B

t1gata Size: 256B - Virtual size: 256B

t1fata Size: 256B - Virtual size: 256B

t1eata Size: 256B - Virtual size: 256B

t1data Size: 256B - Virtual size: 256B

t1cata Size: 256B - Virtual size: 256B

t1bata Size: 256B - Virtual size: 256B

t1aata Size: 256B - Virtual size: 256B

t19ata Size: 256B - Virtual size: 256B

t18ata Size: 256B - Virtual size: 256B

t17ata Size: 256B - Virtual size: 256B

t16ata Size: 256B - Virtual size: 256B

t15ata Size: 256B - Virtual size: 256B

t14ata Size: 256B - Virtual size: 256B

t13ata Size: 256B - Virtual size: 256B

t12ata Size: 256B - Virtual size: 256B

t11ata Size: 256B - Virtual size: 256B

tzata Size: 256B - Virtual size: 256B

tyata Size: 256B - Virtual size: 256B

txata Size: 256B - Virtual size: 256B

twata Size: 256B - Virtual size: 256B

tvata Size: 256B - Virtual size: 256B

tuata Size: 256B - Virtual size: 256B

ttata Size: 256B - Virtual size: 256B

tsata Size: 256B - Virtual size: 256B

trata Size: 256B - Virtual size: 256B

tqata Size: 256B - Virtual size: 256B

tpata Size: 256B - Virtual size: 256B

.toata Size: 256B - Virtual size: 256B

.tnata Size: 256B - Virtual size: 256B

.tmata Size: 256B - Virtual size: 256B

.tlata Size: 256B - Virtual size: 256B

.tkata Size: 256B - Virtual size: 256B

.tjata Size: 256B - Virtual size: 256B

.tiata Size: 256B - Virtual size: 256B

.thata Size: 256B - Virtual size: 256B

.tgata Size: 256B - Virtual size: 256B

.tfata Size: 256B - Virtual size: 256B

.teata Size: 256B - Virtual size: 256B

.tdata Size: 256B - Virtual size: 256B

.tcata Size: 256B - Virtual size: 256B

.tbata Size: 256B - Virtual size: 256B

.taata Size: 256B - Virtual size: 256B

.t9ata Size: 256B - Virtual size: 256B

.t8ata Size: 256B - Virtual size: 256B

.t7ata Size: 256B - Virtual size: 256B

.t6ata Size: 256B - Virtual size: 256B

.t5ata Size: 256B - Virtual size: 256B

.t4ata Size: 256B - Virtual size: 256B

.t3ata Size: 256B - Virtual size: 256B

.t2ata Size: 256B - Virtual size: 256B

.t1ata Size: 512B - Virtual size: 512B

e6ypYhs
Size: 17KB - Virtual size: 17KB

t1wata
Size: 256B - Virtual size: 256B

t1vata
Size: 256B - Virtual size: 256B

t1uata
Size: 256B - Virtual size: 256B

t1tata
Size: 256B - Virtual size: 256B

t1sata
Size: 256B - Virtual size: 256B

t1rata
Size: 256B - Virtual size: 256B

t1qata
Size: 256B - Virtual size: 256B

t1pata
Size: 256B - Virtual size: 256B

t1oata
Size: 256B - Virtual size: 256B

t1nata
Size: 256B - Virtual size: 256B

t1mata
Size: 256B - Virtual size: 256B

t1lata
Size: 256B - Virtual size: 256B

t1kata
Size: 256B - Virtual size: 256B

t1jata
Size: 256B - Virtual size: 256B

t1iata
Size: 256B - Virtual size: 256B

t1hata
Size: 256B - Virtual size: 256B

t1gata
Size: 256B - Virtual size: 256B

t1fata
Size: 256B - Virtual size: 256B

t1eata
Size: 256B - Virtual size: 256B

t1data
Size: 256B - Virtual size: 256B

t1cata
Size: 256B - Virtual size: 256B

t1bata
Size: 256B - Virtual size: 256B

t1aata
Size: 256B - Virtual size: 256B

t19ata
Size: 256B - Virtual size: 256B

t18ata
Size: 256B - Virtual size: 256B

t17ata
Size: 256B - Virtual size: 256B

t16ata
Size: 256B - Virtual size: 256B

t15ata
Size: 256B - Virtual size: 256B

t14ata
Size: 256B - Virtual size: 256B

t13ata
Size: 256B - Virtual size: 256B

t12ata
Size: 256B - Virtual size: 256B

t11ata
Size: 256B - Virtual size: 256B

tzata
Size: 256B - Virtual size: 256B

tyata
Size: 256B - Virtual size: 256B

txata
Size: 256B - Virtual size: 256B

twata
Size: 256B - Virtual size: 256B

tvata
Size: 256B - Virtual size: 256B

tuata
Size: 256B - Virtual size: 256B

ttata
Size: 256B - Virtual size: 256B

tsata
Size: 256B - Virtual size: 256B

trata
Size: 256B - Virtual size: 256B

tqata
Size: 256B - Virtual size: 256B

tpata
Size: 256B - Virtual size: 256B

.toata
Size: 256B - Virtual size: 256B

.tnata
Size: 256B - Virtual size: 256B

.tmata
Size: 256B - Virtual size: 256B

.tlata
Size: 256B - Virtual size: 256B

.tkata
Size: 256B - Virtual size: 256B

.tjata
Size: 256B - Virtual size: 256B

.tiata
Size: 256B - Virtual size: 256B

.thata
Size: 256B - Virtual size: 256B

.tgata
Size: 256B - Virtual size: 256B

.tfata
Size: 256B - Virtual size: 256B

.teata
Size: 256B - Virtual size: 256B

.tdata
Size: 256B - Virtual size: 256B

.tcata
Size: 256B - Virtual size: 256B

.tbata
Size: 256B - Virtual size: 256B

.taata
Size: 256B - Virtual size: 256B

.t9ata
Size: 256B - Virtual size: 256B

.t8ata
Size: 256B - Virtual size: 256B

.t7ata
Size: 256B - Virtual size: 256B

.t6ata
Size: 256B - Virtual size: 256B

.t5ata
Size: 256B - Virtual size: 256B

.t4ata
Size: 256B - Virtual size: 256B

.t3ata
Size: 256B - Virtual size: 256B

.t2ata
Size: 256B - Virtual size: 256B

.t1ata
Size: 512B - Virtual size: 512B

.rata
Size: 2KB - Virtual size: 2KB

INIT
Size: 960B - Virtual size: 930B

.reloc
Size: 928B - Virtual size: 922B