f714228cc2d6d7e4bfd6397c13e3e0adac879be7b63237d5d54118a244fc576f

General

Target

f714228cc2d6d7e4bfd6397c13e3e0adac879be7b63237d5d54118a244fc576f
Size

20KB
MD5

2f31f54047a5f9bc41a6a1d9bab3f4c8
SHA1

c95d5fe56f88fe667487145096cd43f284f32ef1
SHA256

f714228cc2d6d7e4bfd6397c13e3e0adac879be7b63237d5d54118a244fc576f
SHA512

48a5dc23d7b2196b9ee1872808e51a4ddb6d50ed78e6ae27bed77bc56b4607bc2dc1a1790494916233b70263b710295ea9ea27a4e3cde700b80441e3542d13f1
SSDEEP

384:g6oiGvZk0NRrc4/N4mmqqSA/NZ76wXOk9NnbCd1ls1tGcOM1kAA/eJSsRWYTJW:g6oiitN5/N4mmqqSAOcOk9hbCdu4uP

Score

N/A

Malware Config

Signatures

Files

f714228cc2d6d7e4bfd6397c13e3e0adac879be7b63237d5d54118a244fc576f
.exe windows x86

4d2251242b79f8728db65d263ce093c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

pciidex.sys

AtaPortWriteRegisterUlong
AtaPortEtwTraceLog
AtaPortCopyMemory
AtaPortGetPhysicalAddress
AtaPortInitializeEx
AtaPortRegistryRead
AtaPortGetBusData
AtaPortRegistryFreeBuffer
AtaPortReadRegisterUlong
AtaPortGetUnCachedExtension
AtaPortStallExecution
AtaPortBuildRequestSenseIrb
AtaPortReadRegisterUchar
AtaPortNotification
AtaPortGetDeviceBase
AtaPortCompleteRequest
AtaPortReleaseRequestSenseIrb
AtaPortGetScatterGatherList
AtaPortRequestCallback
AtaPortRegistryAllocateBuffer
AtaPortDeviceStateChange

ntoskrnl.exe

KeTickCount
KeBugCheckEx

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 175B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 230B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d2251242b79f8728db65d263ce093c2

Headers

DLL Characteristics

File Characteristics

Imports

pciidex.sys

ntoskrnl.exe

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 512B - Virtual size: 175B

.data Size: 512B - Virtual size: 16B

INIT Size: 1024B - Virtual size: 846B

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 512B - Virtual size: 230B

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 512B - Virtual size: 175B

.data
Size: 512B - Virtual size: 16B

INIT
Size: 1024B - Virtual size: 846B

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 512B - Virtual size: 230B