34bba614cea83a99d92a16591d04cfba3ae309652cc1b505a036e34e3f8f037a

Sharing

Copy URL Twitter E-mail

General

Target

34bba614cea83a99d92a16591d04cfba3ae309652cc1b505a036e34e3f8f037a
Size

45KB
MD5

2ef9c0dc26b30b2318b1fc3faa1f0ae7
SHA1

e6b83c5835a999fe606a2ccc923e046362505a88
SHA256

34bba614cea83a99d92a16591d04cfba3ae309652cc1b505a036e34e3f8f037a
SHA512

c4595c061b44f9e7ddcd9fd7f301094c66301b9ce4680f3df2362e03b2d87f3fa829f6a8c8101106e03e38954154633771300292a84ec57ee23959b8e821d1b7
SSDEEP

768:JS5VJB3UOZtP0Ye1fR3ryMb4/rZE3ZOv7771fRR0fbmyuqcOT9zXS4d3PlQieCwi:JeZZtcYe1fRbT4/rZECH1fRR0DzB3Plh

Score

N/A

Malware Config

Signatures

Files

34bba614cea83a99d92a16591d04cfba3ae309652cc1b505a036e34e3f8f037a
.exe windows x86

c965143937852a5f46344a54c8c521c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

_alldiv
ExDeleteNPagedLookasideList
ExInitializeNPagedLookasideList
InterlockedPopEntrySList
InterlockedPushEntrySList

hal

READ_PORT_ULONG
KeStallExecutionProcessor
READ_PORT_USHORT
WRITE_PORT_USHORT
WRITE_PORT_UCHAR
WRITE_PORT_ULONG
READ_PORT_UCHAR

ndis.sys

NdisMRegisterAdapterShutdownHandler
NdisMSleep
NdisMDeregisterAdapterShutdownHandler
NdisMSynchronizeWithInterrupt
NdisCloseConfiguration
NdisMInitializeTimer
NdisInterlockedDecrement
NdisMRegisterInterrupt
NdisWriteErrorLogEntry
NdisMMapIoSpace
NdisMRegisterIoPortRange
NdisMSetAttributesEx
NdisReleaseSpinLock
NdisAcquireSpinLock
NdisMRemoveMiniport
NdisSetEvent
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisMDeregisterInterrupt
NdisMCancelTimer
NdisMRegisterMiniport
NdisInitializeWrapper
NdisMQueryAdapterResources
NdisWritePciSlotInformation
NdisReadPciSlotInformation
NdisAllocateSpinLock
NdisInitializeEvent
NdisInterlockedIncrement
NdisAllocateMemoryWithTag
NdisReadNetworkAddress
NdisReadConfiguration
NdisOpenConfiguration
NdisAllocatePacketPoolEx
NdisMFreeSharedMemory
NdisAllocateBuffer
NdisMAllocateSharedMemory
NdisMGetDmaAlignment
NdisAllocateBufferPool
NdisMAllocateMapRegisters
NdisMInitializeScatterGatherDma
NdisSystemProcessorCount
NdisFreePacket
NdisAllocatePacket
NdisFreeBuffer
NdisFreeSpinLock
NdisMFreeMapRegisters
NdisFreeMemory
NdisFreePacketPool
NdisFreeBufferPool
NdisMDeregisterIoPortRange
NdisMUnmapIoSpace
NdisMCompleteBufferPhysicalMapping
NdisAdjustBufferLength
NdisQueryBufferSafe
NdisMStartBufferPhysicalMapping
NdisGetCurrentSystemTime
NdisDprReleaseSpinLock
NdisDprAcquireSpinLock
NdisSetTimer

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c965143937852a5f46344a54c8c521c9

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

ndis.sys

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

PAGE Size: 1KB - Virtual size: 1KB

INIT Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

PAGE
Size: 1KB - Virtual size: 1KB

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB