51941672b0ee9e1475fba73e87e358b8afc27a6e4125a6b170b84efbdcaac2a9

Sharing

Copy URL

Twitter E-mail

General

Target

51941672b0ee9e1475fba73e87e358b8afc27a6e4125a6b170b84efbdcaac2a9
Size

1.2MB
MD5

d06ebd7fb2cd1cd9df97abd1a6fca037
SHA1

6cda1c24f349236f6dc6d28a62759af8ce77d4e3
SHA256

51941672b0ee9e1475fba73e87e358b8afc27a6e4125a6b170b84efbdcaac2a9
SHA512

793da6f8956706a9a03e8a84d4ad523ec2985287db45ea5e25e87a2c0cff51dd2dad223e7f7ff6addffb426e38fff5f6bae1a3888d2df46559386519dd27506b
SSDEEP

6144:SVQlwy6KlZ0VHyGKBhGeldEnDsAJCp/SosbPwz+W79LrTuCUYYRfK20JnX3K20J1:+yeLCps4zsMGAyKj79p6

Score

N/A

Malware Config

Signatures

Files

51941672b0ee9e1475fba73e87e358b8afc27a6e4125a6b170b84efbdcaac2a9
.exe windows x86

415b12f38d57de04b316e592a09a8c4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeWaitForSingleObject
IofCallDriver
IoBuildSynchronousFsdRequest
KeInitializeEvent
ExFreePool
ExAllocatePoolWithTag
KeDelayExecutionThread
sprintf
ZwCreateKey
RtlInitUnicodeString
ZwClose
ZwQueryValueKey
ZwSetValueKey
IoOpenDeviceRegistryKey
RtlCompareMemory
RtlQueryRegistryValues
ObfDereferenceObject
InterlockedCompareExchange
PsTerminateSystemThread
KeSetPriorityThread
KeGetCurrentThread
ObReferenceObjectByHandle
PsCreateSystemThread
RtlAppendUnicodeToString
wcslen
swprintf
IoGetDeviceInterfaces

stream.sys

StreamClassRegisterFilterWithNoKSPins
StreamClassDeviceNotification
StreamClassStreamNotification

synsam.sys

SCALER_UYVYtoI420
SCALER_UYVY_YUY2_Swap
SCALER_UYVY_YUY2_Copy
StretchFrame_x3
SCALER_UYVYtoRGBMMX
StretchFrame_UYVY_Swap
StretchFrame_UYVY_Copy
SCALER_UYVYtoRGBMMX_X2
SCALER_UYVYtoI420_X2
SCALER_UYVY_Swap_X2
SCALER_UYVY_Copy_X2
SCALER_YUY2toRGBMMX
SCALER_UYVYtoYV16
SCALER_YUY2toI420

syncamd.sys

USBCAMD_ControlVendorCommand
USBCAMD_SetFrameInterval
USBCAMD_AdapterReceivePacket
USBCAMD_SelectAlternateInterface
USBCAMD_InitializeNewInterface
USBCAMD_DescriptorLength
USBCAMD_DriverEntry

synpipe.sys

BaylorToYUYVMMX_deci_2_1
BaylorToRGB24MMX_deci_2_1
BaylorToI420MMX_deci_2_1
BaylorToYUYVMMX
BaylorToYUYVMMX_scaling_stride
BaylorToRGB24MMX
BaylorToRGB24MMX_scaling_stride
BaylorToI420MMX
BaylorToI420MMX_scaling_stride
ppl_set_gamma
ppl_set_nf88_edge_enhance_factor
ppl_set_sat
ppl_set_hue
ppl_set_contrast_c
ppl_qual_rgb_means_whole_frame
ppl_rgb_means_whole_frame
ppl_qAE_rgb_means_whole_frame
ppl_n_qAE_2x2_whole_frame
ppl_set_v_mirror
ppl_set_h_mirror
ppl_set_rgb_gain
ppl_set_mean_collection
ppl_copy_sensor_matrix
ppl_set_qual_B_min_max
ppl_set_qual_G_min_max
ppl_set_qual_R_min_max
ppl_set_qual_BmGb_m_GrmR_min_max
ppl_set_qual_BmGb_p_GrmR_min_max
ppl_set_qual_GrmR_min_max
ppl_set_qual_BmGb_min_max
ppl_set_qAE_RGB_min_max
ppl_set_medium_filter_diff_threshold
ppl_medium_filter_diff_threshold
ppl_set_nf88_medium_filter_dead_pixel_threshold_percentage
ppl_set_nf88_medium_filter_hot_pixel_threshold_percentage
ppl_set_medium_filter_dead_pixel_threshold
ppl_set_medium_filter_hot_pixel_threshold
ppl_enable_medium_filter
ppl_set_edge_threshold
ppl_set_optical_black_b_gb_gr_r
ppl_set_CFA_T1_threshold
ppl_set_CFA_T0_threshold
ppl_set_quality
IntlUYVYToRGB24MMX
IntlYUYVToI420MMX
IntlYUYVToYUYVMMX
IntlYUYVToUYVYMMX
IntlYUYVToRGB24MMX
IntlUYVYToI420MMX
IntlUYVYToYUYVMMX
IntlUYVYToUYVYMMX
ppl_disable_medium_filter
YUYVToRGB24MMX
UYVYToRGB24MMX
UYVYToI420MMX
YUYVToI420MMX
ppl_free
ppl_init

Sections

.text
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 864KB - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGECONS
Size: 384B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

415b12f38d57de04b316e592a09a8c4e

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

stream.sys

synsam.sys

syncamd.sys

synpipe.sys

Sections

.text Size: 265KB - Virtual size: 265KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 864KB - Virtual size: 864KB

PAGECONS Size: 384B - Virtual size: 352B

INIT Size: 3KB - Virtual size: 3KB

.reloc Size: 31KB - Virtual size: 31KB

.text
Size: 265KB - Virtual size: 265KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 864KB - Virtual size: 864KB

PAGECONS
Size: 384B - Virtual size: 352B

INIT
Size: 3KB - Virtual size: 3KB

.reloc
Size: 31KB - Virtual size: 31KB