4c43a0d995e1d567667b41806b6f8676beea7e6740e088f93d0ffed0d165c869

Sharing

Copy URL Twitter E-mail

General

Target

4c43a0d995e1d567667b41806b6f8676beea7e6740e088f93d0ffed0d165c869
Size

378KB
MD5

90b3c68bcfec3299152236659d3b58e8
SHA1

9c5dcff5feb3ab6a298a9231e03b392fbf9ed0a0
SHA256

4c43a0d995e1d567667b41806b6f8676beea7e6740e088f93d0ffed0d165c869
SHA512

69671da5bde7e2c5e62e97b7efc001360ef998793a75886300d974fa5bccc50f3c72a3ec8e61a5caaa9abff9477669a310631edf7f5db20ba0993b5bdd8e07df
SSDEEP

6144:RzgG7hQ+k9kNIzk16ffkurOpbDIgFhXYWXMHJyUooBMpacpVnYrZVxWn60u3vzNf:iYhjQ2KJPcniWgdQsyDS

Score

N/A

Malware Config

Signatures

Files

4c43a0d995e1d567667b41806b6f8676beea7e6740e088f93d0ffed0d165c869
.dll windows x86

2ea93ccf4791359e01b10a08917729a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitAnsiString
IoAttachDeviceToDeviceStack
IoStartPacket
RtlxUnicodeStringToAnsiSize
RtlInitString
KeCancelTimer
RtlCopyString
RtlInitUnicodeString
RtlUpperString
RtlClearBits
ExRaiseDatatypeMisalignment
IoIsWdmVersionAvailable
RtlEqualString
RtlEqualUnicodeString
IoGetDeviceInterfaces
ZwFsControlFile
CcSetBcbOwnerPointer
RtlFindLastBackwardRunClear
IoGetAttachedDevice
RtlUpcaseUnicodeChar
SeValidSecurityDescriptor
ExSetTimerResolution
IoAllocateController

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idat
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dir
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ihelp
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ahelp
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vdat
Size: 1024B - Virtual size: 514B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ea93ccf4791359e01b10a08917729a0

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 2KB - Virtual size: 40KB

.idat Size: 512B - Virtual size: 96B

.idata Size: 1024B - Virtual size: 668B

.dir Size: 512B - Virtual size: 28B

.ihelp Size: 512B - Virtual size: 140B

.ahelp Size: 512B - Virtual size: 140B

.init Size: 10KB - Virtual size: 9KB

.vdat Size: 1024B - Virtual size: 514B

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 504B

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 2KB - Virtual size: 40KB

.idat
Size: 512B - Virtual size: 96B

.idata
Size: 1024B - Virtual size: 668B

.dir
Size: 512B - Virtual size: 28B

.ihelp
Size: 512B - Virtual size: 140B

.ahelp
Size: 512B - Virtual size: 140B

.init
Size: 10KB - Virtual size: 9KB

.vdat
Size: 1024B - Virtual size: 514B

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 504B