d094bec36765c865113977714e49a43856b812e5a6e721167b867c7f33490a8e

Sharing

Copy URL Twitter E-mail

General

Target

d094bec36765c865113977714e49a43856b812e5a6e721167b867c7f33490a8e
Size

25KB
MD5

114e7cde25283c2872c76511ad258517
SHA1

9a56ba4b863fdc3992e33364ceece651befc4049
SHA256

d094bec36765c865113977714e49a43856b812e5a6e721167b867c7f33490a8e
SHA512

6d34440914acfb418a00cc195f1b7537398ab7016b46e1d5df909649fb915e363ba75d5faa401246dcb2f644a6c43f0dc7779084dbfb8e04328d4c793c1ef273
SSDEEP

384:E/8qvrmuGJY6ma+2kofTBzIX6Ca5MIMo8iPjyf6gU7W7eBoPcnZezHS9Wf9dVZju:kv6urxO++2/op

Score

N/A

Malware Config

Signatures

Files

d094bec36765c865113977714e49a43856b812e5a6e721167b867c7f33490a8e
.exe windows x86

e24346064d37401a267984021d2bfdf6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoCreateFile
RtlAnsiStringToUnicodeString
RtlInitAnsiString
IoFreeIrp
KeSetEvent
ObfDereferenceObject
KeWaitForSingleObject
IofCallDriver
KeGetCurrentThread
KeInitializeEvent
IoAllocateIrp
IoGetRelatedDeviceObject
ObReferenceObjectByHandle
IoFileObjectType
IoCreateSymbolicLink
RtlFreeUnicodeString
ZwQuerySystemInformation
RtlInitUnicodeString
MmUserProbeAddress
ZwReadFile
ZwWriteFile
ZwCreateFile
ZwQueryInformationProcess
ZwPulseEvent
strncmp
IoGetCurrentProcess
IoDeleteDevice
IoDeleteSymbolicLink
_strupr
_strlwr
strrchr
ZwClose
IofCompleteRequest
_stricmp
IoCreateDevice
_except_handler3

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeGetCurrentIrql
KeQueryPerformanceCounter

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tpata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

toata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tnata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tmata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tlata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tkata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tjata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tiata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

thata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tgata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tfata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

teata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tdata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tcata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tbata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

taata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t9ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t8ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t7ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t6ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t5ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t4ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t3ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t2ata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

t1ata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 672B - Virtual size: 654B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e24346064d37401a267984021d2bfdf6

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 16KB - Virtual size: 16KB

tpata Size: 256B - Virtual size: 256B

toata Size: 256B - Virtual size: 256B

tnata Size: 256B - Virtual size: 256B

tmata Size: 256B - Virtual size: 256B

tlata Size: 256B - Virtual size: 256B

tkata Size: 256B - Virtual size: 256B

tjata Size: 256B - Virtual size: 256B

tiata Size: 256B - Virtual size: 256B

thata Size: 256B - Virtual size: 256B

tgata Size: 256B - Virtual size: 256B

tfata Size: 256B - Virtual size: 256B

teata Size: 256B - Virtual size: 256B

tdata Size: 256B - Virtual size: 256B

tcata Size: 256B - Virtual size: 256B

tbata Size: 256B - Virtual size: 256B

taata Size: 256B - Virtual size: 256B

t9ata Size: 256B - Virtual size: 256B

t8ata Size: 256B - Virtual size: 256B

t7ata Size: 256B - Virtual size: 256B

t6ata Size: 256B - Virtual size: 256B

t5ata Size: 256B - Virtual size: 256B

t4ata Size: 256B - Virtual size: 256B

t3ata Size: 256B - Virtual size: 256B

t2ata Size: 256B - Virtual size: 256B

t1ata Size: 512B - Virtual size: 512B

INIT Size: 1KB - Virtual size: 1KB

.reloc Size: 672B - Virtual size: 654B

.text
Size: 16KB - Virtual size: 16KB

tpata
Size: 256B - Virtual size: 256B

toata
Size: 256B - Virtual size: 256B

tnata
Size: 256B - Virtual size: 256B

tmata
Size: 256B - Virtual size: 256B

tlata
Size: 256B - Virtual size: 256B

tkata
Size: 256B - Virtual size: 256B

tjata
Size: 256B - Virtual size: 256B

tiata
Size: 256B - Virtual size: 256B

thata
Size: 256B - Virtual size: 256B

tgata
Size: 256B - Virtual size: 256B

tfata
Size: 256B - Virtual size: 256B

teata
Size: 256B - Virtual size: 256B

tdata
Size: 256B - Virtual size: 256B

tcata
Size: 256B - Virtual size: 256B

tbata
Size: 256B - Virtual size: 256B

taata
Size: 256B - Virtual size: 256B

t9ata
Size: 256B - Virtual size: 256B

t8ata
Size: 256B - Virtual size: 256B

t7ata
Size: 256B - Virtual size: 256B

t6ata
Size: 256B - Virtual size: 256B

t5ata
Size: 256B - Virtual size: 256B

t4ata
Size: 256B - Virtual size: 256B

t3ata
Size: 256B - Virtual size: 256B

t2ata
Size: 256B - Virtual size: 256B

t1ata
Size: 512B - Virtual size: 512B

INIT
Size: 1KB - Virtual size: 1KB

.reloc
Size: 672B - Virtual size: 654B