7111e89f3d8a12b5ba783fc501377bcd0bdd1c94ff08a7dde1954b6babf6d5f5

Sharing

Copy URL Twitter E-mail

General

Target

7111e89f3d8a12b5ba783fc501377bcd0bdd1c94ff08a7dde1954b6babf6d5f5
Size

140KB
MD5

82f742b1a4f2c33e41c5fa46b504e663
SHA1

8a14680702b1c10d1735002786add0a46db0addb
SHA256

7111e89f3d8a12b5ba783fc501377bcd0bdd1c94ff08a7dde1954b6babf6d5f5
SHA512

5cd3ec0fafe1dc4dd6419a4a11426db153b8158e2e2eb28815d8f048803242a59d5d6df634b74f208581d7fa1753aa3ca634a407c67a039b3afcf26290759e64
SSDEEP

3072:3AkFcHT0iCBCz5G07YPfWX+Gf3bcWRbrXAV5zny0uv6nCH:wQQbkCcB6rvBrwK0uRH

Score

N/A

Malware Config

Signatures

Files

7111e89f3d8a12b5ba783fc501377bcd0bdd1c94ff08a7dde1954b6babf6d5f5
.exe windows x86

8016af0946577978b850ddcb2536d17d

Code Sign

5c:ee:56:cf:88:3e:a3:12:24:86:8f:38:70:21:83:32:be:21:72:93
Signer

Actual PE Digest

5c:ee:56:cf:88:3e:a3:12:24:86:8f:38:70:21:83:32:be:21:72:93

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

_aullshr
_allmul
_aulldiv
RtlGetVersion
KeWaitForSingleObject
IofCallDriver
IoBuildDeviceIoControlRequest
KeInitializeEvent
memset
KeQuerySystemTime
_aulldvrm
_allshl
KeTickCount
KeBugCheckEx

storport.sys

StorPortNotification
StorPortExtendedFunction
StorPortResume
StorPortGetLogicalUnit
StorPortPause
StorPortFreeRegistryBuffer
StorPortFreeDeviceBase
StorPortGetUncachedExtension
StorPortGetDeviceBase
StorPortRegistryRead
StorPortAllocateRegistryBuffer
StorPortSetDeviceQueueDepth
StorPortInitialize
StorPortReadPortUchar
StorPortReadPortUshort
StorPortReadPortUlong
StorPortReadPortBufferUchar
StorPortReadPortBufferUshort
StorPortReadPortBufferUlong
StorPortReadRegisterUchar
StorPortReadRegisterUshort
StorPortReadRegisterUlong
StorPortReadRegisterBufferUchar
StorPortReadRegisterBufferUshort
StorPortReadRegisterBufferUlong
StorPortWritePortUchar
StorPortWritePortUshort
StorPortWritePortUlong
StorPortWritePortBufferUchar
StorPortWritePortBufferUshort
StorPortWritePortBufferUlong
StorPortWriteRegisterUchar
StorPortWriteRegisterUshort
StorPortWriteRegisterUlong
StorPortWriteRegisterBufferUchar
StorPortWriteRegisterBufferUshort
StorPortWriteRegisterBufferUlong
StorPortGetBusData
StorPortSetBusDataByOffset
StorPortMoveMemory
StorPortGetScatterGatherList
StorPortStallExecution
StorPortGetPhysicalAddress
StorPortResumeDevice
StorPortPauseDevice
StorPortSynchronizeAccess
StorPortDebugPrint
ScsiPortMoveMemory
ScsiPortNotification

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8016af0946577978b850ddcb2536d17d

Code Sign

5c:ee:56:cf:88:3e:a3:12:24:86:8f:38:70:21:83:32:be:21:72:93Signer

Signature Validations

Verification

01/01/0001, 00:00 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

storport.sys

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 512B - Virtual size: 433B

.data Size: 25KB - Virtual size: 25KB

INIT Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

5c:ee:56:cf:88:3e:a3:12:24:86:8f:38:70:21:83:32:be:21:72:93
Signer

01/01/0001, 00:00
Valid: false

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 512B - Virtual size: 433B

.data
Size: 25KB - Virtual size: 25KB

INIT
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB