096362578b21bbe259086ab5080842b72a2a7b28c693b51d5f7bc73ba2bfdb2f

Sharing

Copy URL Twitter E-mail

General

Target

096362578b21bbe259086ab5080842b72a2a7b28c693b51d5f7bc73ba2bfdb2f
Size

35KB
MD5

0547158fae143a60a143a3f58e27e2a8
SHA1

90ff51aa0eb176088067ed2dac64844b78aa8256
SHA256

096362578b21bbe259086ab5080842b72a2a7b28c693b51d5f7bc73ba2bfdb2f
SHA512

203cfea01df4fe83fd44cb02a36b23749453653015f5f855c03660b5297bec440a80f6b5dba020b10393959eacf44db01853196ad33658916a8edacd388d1518
SSDEEP

768:QgeJpBApQnLs/oGMjZYEY/kETW/VbwTCJFgQgkV:QgeJpBAinQAGMjZYpktu+JFgQgkV

Score

N/A

Malware Config

Signatures

Files

096362578b21bbe259086ab5080842b72a2a7b28c693b51d5f7bc73ba2bfdb2f
.exe windows x86

2a7faa69cfee2416e3d62673a51c91e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoFreeIrp
IoFreeMdl
IoWMIRegistrationControl
ExfInterlockedPopEntryList
KeInitializeSpinLock
ExQueueWorkItem
ExfInterlockedPushEntryList
MmBuildMdlForNonPagedPool
IoAllocateMdl
ZwQueryValueKey
RtlUnicodeStringToInteger
IoReadDiskSignature
ZwOpenKey
IoReadPartitionTable
DbgPrint
IoReadPartitionTableEx
IoWritePartitionTableEx
IoSetPartitionInformationEx
IoSetPartitionInformation
IoRegisterBootDriverReinitialization
IoGetConfigurationInformation
RtlQueryRegistryValues
IoOpenDeviceRegistryKey
RtlxAnsiStringToUnicodeSize
NlsMbCodePageTag
RtlAnsiStringToUnicodeString
RtlInitAnsiString
sprintf
IoCreateSymbolicLink
IoDeleteSymbolicLink
RtlFreeUnicodeString
IoSetDeviceInterfaceState
KeInitializeMutex
InitSafeBootMode
IoRegisterDeviceInterface
HalExamineMBR
KeTickCount
KeBugCheckEx
_allmul
_allrem
IoAllocateWorkItem
IoQueueWorkItem
IoReportTargetDeviceChangeAsynchronous
IoBuildDeviceIoControlRequest
IoBuildSynchronousFsdRequest
IoInvalidateDeviceRelations
memmove
IoCreateDisk
IoAllocateErrorLogEntry
IoWriteErrorLogEntry
IoAllocateIrp
IofCallDriver
_allshr
IoFreeWorkItem
KeWaitForSingleObject
KeReleaseMutex
ExAllocatePoolWithTag
KeSetEvent
strncmp
IoSetHardErrorOrVerifyDevice
swprintf
RtlInitUnicodeString
ZwCreateDirectoryObject
IoGetAttachedDeviceReference
ZwMakeTemporaryObject
ZwClose
ExFreePoolWithTag
IoAttachDeviceToDeviceStack
IoDeleteDevice
KeInitializeEvent
IoVerifyPartitionTable
ObfDereferenceObject

classpnp.sys

ClassQueryTimeOutRegistryValue
ClassUpdateInformationInRegistry
ClassInitializeMediaChangeDetection
ClassGetDeviceParameter
ClassDeleteSrbLookasideList
ClassReadDriveCapacity
ClassSignalCompletion
ClassMarkChildMissing
ClassInitializeSrbLookasideList
ClassNotifyFailurePredicted
ClassSetFailurePredictionPoll
ClassWmiCompleteRequest
ClassInterpretSenseInfo
ClassSpinDownPowerHandler
ClassInitialize
ClassInitializeEx
ClassSendDeviceIoControlSynchronous
ClassAcquireChildLock
ClassReleaseChildLock
ClassDeviceControl
ClassInvalidateBusRelations
ClassSetDeviceParameter
ClassModeSense
ClassFindModePage
ClassAcquireRemoveLockEx
ClassAsynchronousCompletion
ClassSendSrbSynchronous
ClassIoComplete
ClassReleaseRemoveLock
ClassCompleteRequest
ClassClaimDevice
ClassCreateDeviceObject
ClassScanForSpecial

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 384B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 384B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a7faa69cfee2416e3d62673a51c91e5

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

classpnp.sys

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 384B - Virtual size: 264B

PAGE Size: 17KB - Virtual size: 17KB

PAGE Size: 384B - Virtual size: 336B

INIT Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 992B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 384B - Virtual size: 264B

PAGE
Size: 17KB - Virtual size: 17KB

PAGE
Size: 384B - Virtual size: 336B

INIT
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 992B

.reloc
Size: 1KB - Virtual size: 1KB