0fc5d02475966597a67a49b1b341df58b340e187bc646b9ad549ee0df3db9b02

Sharing

Copy URL

Twitter E-mail

General

Target

0fc5d02475966597a67a49b1b341df58b340e187bc646b9ad549ee0df3db9b02
Size

28KB
MD5

86f433cbfea92adc9c1268ad1f117003
SHA1

305269cb82e6763f5255bd57c773f1410e006dfe
SHA256

0fc5d02475966597a67a49b1b341df58b340e187bc646b9ad549ee0df3db9b02
SHA512

2577bdd5f4b8db19ae179e24a0defb62e0594422fddd86f130707769a1ba4e0acb58616d1bfc3be54ded4f7079c7b23f3b0567c7a94f191eda56667a24efdd36
SSDEEP

768:bIr1jOd5MiSvhA/WHKzOBzLXEMitmJOi/K1dIWt:+Oa5ozivX4UKHI

Score

N/A

Malware Config

Signatures

Files

0fc5d02475966597a67a49b1b341df58b340e187bc646b9ad549ee0df3db9b02
.exe windows x86

995ee1cd4a4e658cab24a49917957b33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeSetEvent
IofCallDriver
IoAttachDeviceToDeviceStack
InterlockedDecrement
IoRegisterDeviceInterface
InterlockedIncrement
KeClearEvent
IofCompleteRequest
IoReleaseCancelSpinLock
IoAcquireCancelSpinLock
InterlockedExchange
ExQueueWorkItem
KeDelayExecutionThread
memmove
ExAllocatePool
RtlInitUnicodeString
memset
KeCancelTimer
KeWaitForSingleObject
IoBuildDeviceIoControlRequest
IoFreeIrp
IoAllocateIrp
IoDeleteDevice
IoCancelIrp
KeReadStateTimer
KeSetTimer
KeInitializeDpc
KeInitializeTimer
PoSetPowerState
IoDeleteSymbolicLink
IoSetDeviceInterfaceState
IoCreateSymbolicLink
RtlAppendUnicodeStringToString
ZwSetValueKey
RtlAppendUnicodeToString
ZwClose
IoOpenDeviceRegistryKey
RtlIntegerToUnicodeString
RtlFreeUnicodeString
IoCreateDevice
IoDetachDevice
PoStartNextPowerIrp
PoCallDriver
KeInitializeEvent
KeInitializeSpinLock
memcpy
KeResetEvent
KeTickCount
KeBugCheckEx
ExFreePool

hal

KfRaiseIrql
KfLowerIrql
KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

995ee1cd4a4e658cab24a49917957b33

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

usbd.sys

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 512B - Virtual size: 396B

.data Size: 128B - Virtual size: 52B

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 512B - Virtual size: 396B

.data
Size: 128B - Virtual size: 52B

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB