42fd9337997cc8b21e04256cd90830d9782ede54bd8415ead29ae5cfa23e3e6b

Sharing

Copy URL Twitter E-mail

General

Target

42fd9337997cc8b21e04256cd90830d9782ede54bd8415ead29ae5cfa23e3e6b
Size

13KB
MD5

362528bf4e1437ffc41643874fd53c04
SHA1

ae662ab48084309f59ca314ca6bf92c7ad02968b
SHA256

42fd9337997cc8b21e04256cd90830d9782ede54bd8415ead29ae5cfa23e3e6b
SHA512

7027c6c7387810029c7658a9b16bf78593aa58a8220c35b9079a8e5729aed995d25b3b2fca5835628048b975682140ee6cee41350ef2e56badf8572de4acfc8d
SSDEEP

384:iAz7hAwryNghol97y+tglP4oDPLkjrWSNUWl24kH0:pt2qobyiEP4o7Y9HB

Score

N/A

Malware Config

Signatures

Files

42fd9337997cc8b21e04256cd90830d9782ede54bd8415ead29ae5cfa23e3e6b
.exe windows x86

9cfa387bae720f9c98fc7713142dd13e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntoskrnl.exe

wcslen
IoAttachDeviceToDeviceStack
KeInitializeEvent
RtlFreeUnicodeString
IoCreateDevice
RtlAnsiStringToUnicodeString
RtlInitAnsiString
sprintf
IofCompleteRequest
IoDetachDevice
ExFreePool
KeWaitForSingleObject
IofCallDriver
InterlockedExchange
ZwClose
ZwSetValueKey
RtlInitUnicodeString
IoOpenDeviceRegistryKey
IoCreateSymbolicLink
RtlUnicodeStringToInteger
wcsstr
ZwQueryValueKey
IoDeleteSymbolicLink
IoDeleteDevice
ExAllocatePoolWithTag
KeSetEvent
InterlockedIncrement
InterlockedDecrement
IoBuildDeviceIoControlRequest
KeSetTimer
KeInitializeDpc
KeInitializeTimer
MmMapLockedPages
KeCancelTimer
IoCancelIrp
ProbeForRead
PoRequestPowerIrp
PoCallDriver
PoStartNextPowerIrp
RtlUnwind

usbd.sys

USBD_ParseConfigurationDescriptor
USBD_CreateConfigurationRequest
_USBD_ParseDescriptors@16

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 960B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 576B - Virtual size: 558B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cfa387bae720f9c98fc7713142dd13e

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

usbd.sys

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 384B - Virtual size: 356B

.data Size: 32B - Virtual size: 12B

PAGE Size: 7KB - Virtual size: 7KB

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 960B - Virtual size: 960B

.reloc Size: 576B - Virtual size: 558B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 384B - Virtual size: 356B

.data
Size: 32B - Virtual size: 12B

PAGE
Size: 7KB - Virtual size: 7KB

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 960B - Virtual size: 960B

.reloc
Size: 576B - Virtual size: 558B