0c90dd7ea6aba715ac705c21e5b3e0b845053bc2f7999bd7e5ab134fd9b5a629

Sharing

Copy URL Twitter E-mail

General

Target

0c90dd7ea6aba715ac705c21e5b3e0b845053bc2f7999bd7e5ab134fd9b5a629
Size

33KB
MD5

12990534493af47645edd93d14533ea9
SHA1

c53875282e760a627f7ad99dd89cb022bd50f57c
SHA256

0c90dd7ea6aba715ac705c21e5b3e0b845053bc2f7999bd7e5ab134fd9b5a629
SHA512

6a6e24ca95640fdeb098fc6356bcfdcc3e96ef77c0864d6d195ddb214a3423fd6a620e9c277a3cb91783e2f0aa96a0ad8a3c53dbd18670517a8d0519689372fd
SSDEEP

768:0IMt7tBIi72MYQhMCCRp/s31aUptagoKj:ut7tB172MdtipUgUHagoKj

Score

N/A

Malware Config

Signatures

Files

0c90dd7ea6aba715ac705c21e5b3e0b845053bc2f7999bd7e5ab134fd9b5a629
.exe windows x64

129cd2f107198b0337fc5425f600b2c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

KeBugCheckEx
KeInitializeSemaphore
PsCreateSystemThread
KeWaitForMultipleObjects
PsTerminateSystemThread
ZwClose
ExInterlockedRemoveHeadList
ExInterlockedInsertTailList
KeReleaseSemaphore
KeAcquireSpinLockAtDpcLevel
KeReleaseSpinLockFromDpcLevel
RtlInitUnicodeString
IofCompleteRequest
MmMapLockedPagesSpecifyCache
IoFreeMdl
ExAllocatePoolWithTag
ExFreePoolWithTag
__C_specific_handler
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock

ndis.sys

NdisWaitEvent
NdisInitializeTimer
NdisSetTimer
NdisCancelTimer
NdisGetSystemUpTime
NdisGetReceivedPacket
NdisDprAllocatePacket
NdisIMCancelInitializeDeviceInstance
NdisIMDeInitializeDeviceInstance
NdisOpenProtocolConfiguration
NdisReadConfiguration
NdisAllocateMemoryWithTag
NdisInitializeEvent
NdisAllocatePacketPoolEx
NdisAllocateBufferPool
NdisOpenAdapter
NdisIMInitializeDeviceInstanceEx
NdisCloseConfiguration
NdisReEnumerateProtocolBindings
NdisIMNotifyPnPEvent
NdisDprFreePacket
NdisSetEvent
NdisMSetAttributesEx
NdisIMGetDeviceContext
NdisFreePacket
NdisIMCopySendCompletePerPacketInfo
NdisIMCopySendPerPacketInfo
NdisAllocatePacket
NdisIMGetCurrentPacketStack
NdisAllocateBuffer
NdisRequest
NdisCancelSendPackets
NdisFreePacketPool
NdisReturnPackets
NdisGetPoolFromPacket
NdisFreeMemory
NdisFreeBufferPool
NdisDeregisterProtocol
NdisCloseAdapter
NdisResetEvent
NdisMDeregisterDevice
NdisIMDeregisterLayeredMiniport
NdisTerminateWrapper
NdisIMAssociateMiniport
NdisRegisterProtocol
NdisMRegisterUnloadHandler
NdisIMRegisterLayeredMiniport
NdisInitializeWrapper
NdisMRegisterDevice
NdisMSleep

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

129cd2f107198b0337fc5425f600b2c2

Headers

File Characteristics

Imports

ntoskrnl.exe

ndis.sys

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 896B

.pdata Size: 1KB - Virtual size: 1KB

INIT Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 936B

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 896B

.pdata
Size: 1KB - Virtual size: 1KB

INIT
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 936B