3e99db4aaa7f9db3647945670f1e6ca98a8edebf05bb80ef820488b692aa5d95

Sharing

Copy URL

Twitter E-mail

General

Target

3e99db4aaa7f9db3647945670f1e6ca98a8edebf05bb80ef820488b692aa5d95
Size

54KB
MD5

71cbf8abf0191d938e1643a1318536e3
SHA1

a9816fd82ce1df6be614f1348224a4e58215016b
SHA256

3e99db4aaa7f9db3647945670f1e6ca98a8edebf05bb80ef820488b692aa5d95
SHA512

7628c275f472c660ec98b1d26f5c37b6c20a45af7ed14734f034978a6fd4a60bb8398d2bc2bc0cf1da96b979602356ab82bc70e9a7ddb46ce7191668e2ada861
SSDEEP

768:54hh5OO6URqK4Gk/liW+Jxt0T0uXEU5f/XPBQCLHbr0x33HL2/Cl:54f51NZJ7m7XEU5f/XPBQCL7rarp

Score

N/A

Malware Config

Signatures

Files

3e99db4aaa7f9db3647945670f1e6ca98a8edebf05bb80ef820488b692aa5d95
.exe windows x86

005f98a10765a9d2ceeffc94b6aa9c73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeInitializeSpinLock
KefAcquireSpinLockAtDpcLevel
memcpy
KefReleaseSpinLockFromDpcLevel
PoStartNextPowerIrp
IoAllocateMdl
IoFreeMdl
MmMapLockedPagesSpecifyCache
MmBuildMdlForNonPagedPool
MmProbeAndLockPages
MmUnlockPages
MmSizeOfMdl
MmUnmapLockedPages
ObfDereferenceObject
KeSetEvent
KeInitializeDpc
KeInsertQueueDpc
IoGetDmaAdapter
KeSynchronizeExecution
KeCancelTimer
MmUnmapIoSpace
READ_REGISTER_UCHAR
READ_REGISTER_BUFFER_UCHAR
WRITE_REGISTER_UCHAR
WRITE_REGISTER_BUFFER_UCHAR
READ_REGISTER_USHORT
READ_REGISTER_BUFFER_USHORT
WRITE_REGISTER_USHORT
WRITE_REGISTER_BUFFER_USHORT
READ_REGISTER_ULONG
READ_REGISTER_BUFFER_ULONG
WRITE_REGISTER_ULONG
WRITE_REGISTER_BUFFER_ULONG
IofCompleteRequest
PoCallDriver
IofCallDriver
memset
IoGetDeviceProperty
RtlInitUnicodeString
ExSetTimerResolution
KeWaitForSingleObject
PoSetPowerState
KeSetTimer
KeSetTimerEx
KeInitializeTimer
KeTickCount
KeBugCheckEx
ZwClose
RtlUnwind
RtlAppendUnicodeStringToString
IoDeleteDevice
IoAttachDeviceToDeviceStack
IoCreateSymbolicLink
IoDeleteSymbolicLink
IoCreateDevice
ZwOpenKey
ZwCreateKey
memmove
RtlCopyUnicodeString
IoConnectInterrupt
IoDisconnectInterrupt
IoAllocateIrp
IoFreeIrp
IoBuildSynchronousFsdRequest
IoGetAttachedDeviceReference
IoAcquireCancelSpinLock
IoReleaseCancelSpinLock
InterlockedExchange
KeClearEvent
IoDetachDevice
InterlockedIncrement
InterlockedDecrement
ExFreePool
IoCancelIrp
RtlFreeUnicodeString
PoRequestPowerIrp
IoRegisterDeviceInterface
IoSetDeviceInterfaceState
ExQueueWorkItem
KeReleaseMutex
ObReferenceObjectByHandle
KeInitializeEvent
ExAllocatePool
MmMapIoSpace
ZwUnmapViewOfSection
ZwMapViewOfSection
ZwOpenSection
KeInitializeMutex
KeRemoveEntryDeviceQueue

hal

KeGetCurrentIrql
KfLowerIrql
KeQueryPerformanceCounter
KfReleaseSpinLock
KfAcquireSpinLock

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 237B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 128B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.STL
Size: 128B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

005f98a10765a9d2ceeffc94b6aa9c73

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 256B - Virtual size: 237B

.CRT Size: 128B - Virtual size: 16B

.STL Size: 128B - Virtual size: 16B

PAGE Size: 2KB - Virtual size: 2KB

INIT Size: 3KB - Virtual size: 3KB

.rsrc Size: 128B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 256B - Virtual size: 237B

.CRT
Size: 128B - Virtual size: 16B

.STL
Size: 128B - Virtual size: 16B

PAGE
Size: 2KB - Virtual size: 2KB

INIT
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 128B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB