abcb0e5e16f3a1808975804136c68a04e4db7911b4a320c6d58882c93349e560

Sharing

Copy URL Twitter E-mail

General

Target

abcb0e5e16f3a1808975804136c68a04e4db7911b4a320c6d58882c93349e560
Size

25KB
MD5

3bf913f0fc49111e7663d06e49d22330
SHA1

4c0e3f6a684ba439bc2083a68e34985d8cd41514
SHA256

abcb0e5e16f3a1808975804136c68a04e4db7911b4a320c6d58882c93349e560
SHA512

47ed6091ca37fcf3bfa492d5ea21e6b912ab29d4f6b7e56fd6ab68e683c8e981fd9cf6c88afa545d4ae6e7befcdb49452dd86fcf375a098ea32d127316058345
SSDEEP

768:W8jEZljjBkd//qx6l0FG7ali29nbS0XDv:WXbx9P9btT

Score

N/A

Malware Config

Signatures

Files

abcb0e5e16f3a1808975804136c68a04e4db7911b4a320c6d58882c93349e560
.exe windows x86

928aa973bef9f11652b45b070701ae74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

_except_handler3
ZwQuerySystemInformation
ExFreePool
_stricmp
strrchr
ExAllocatePoolWithTag
ObReferenceObjectByHandle
RtlFreeUnicodeString
IoCreateFile
RtlAnsiStringToUnicodeString
RtlInitAnsiString
IoFreeIrp
KeSetEvent
ObfDereferenceObject
KeWaitForSingleObject
IofCallDriver
KeGetCurrentThread
KeInitializeEvent
IoAllocateIrp
IoGetRelatedDeviceObject
IoFileObjectType
IofCompleteRequest
strncmp
IoGetCurrentProcess
IoDeleteDevice
IoDeleteSymbolicLink
ZwPulseEvent
IoCreateSymbolicLink
IoCreateDevice
ProbeForRead
PsCreateSystemThread
MmUnlockPages
MmUnmapIoSpace
MmCreateMdl
KeWaitForMultipleObjects
KePulseEvent
KeInitializeTimer
KeInitializeMutex
KeInitializeSemaphore
MmMapIoSpace
KeTickCount
KeBugCheckEx

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 768B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sosata2
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sosata1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tbata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.taata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t9ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t8ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t7ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t6ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t5ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t4ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t3ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t2ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t1ata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ESTisb
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 896B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

928aa973bef9f11652b45b070701ae74

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 768B - Virtual size: 716B

sosata2 Size: 128B - Virtual size: 28B

sosata1 Size: 4KB - Virtual size: 4KB

.tbata Size: 256B - Virtual size: 256B

.taata Size: 256B - Virtual size: 256B

.t9ata Size: 256B - Virtual size: 256B

.t8ata Size: 256B - Virtual size: 256B

.t7ata Size: 256B - Virtual size: 256B

.t6ata Size: 256B - Virtual size: 256B

.t5ata Size: 256B - Virtual size: 256B

.t4ata Size: 256B - Virtual size: 256B

.t3ata Size: 256B - Virtual size: 256B

.t2ata Size: 256B - Virtual size: 256B

.t1ata Size: 512B - Virtual size: 512B

.ESTisb Size: 2KB - Virtual size: 2KB

INIT Size: 1KB - Virtual size: 1KB

.reloc Size: 896B - Virtual size: 844B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 768B - Virtual size: 716B

sosata2
Size: 128B - Virtual size: 28B

sosata1
Size: 4KB - Virtual size: 4KB

.tbata
Size: 256B - Virtual size: 256B

.taata
Size: 256B - Virtual size: 256B

.t9ata
Size: 256B - Virtual size: 256B

.t8ata
Size: 256B - Virtual size: 256B

.t7ata
Size: 256B - Virtual size: 256B

.t6ata
Size: 256B - Virtual size: 256B

.t5ata
Size: 256B - Virtual size: 256B

.t4ata
Size: 256B - Virtual size: 256B

.t3ata
Size: 256B - Virtual size: 256B

.t2ata
Size: 256B - Virtual size: 256B

.t1ata
Size: 512B - Virtual size: 512B

.ESTisb
Size: 2KB - Virtual size: 2KB

INIT
Size: 1KB - Virtual size: 1KB

.reloc
Size: 896B - Virtual size: 844B