88b71f415a86dae5dbc9fbcaa97a16561540bcd80ae4f76d6dc45ebc2ea15f03

Sharing

Copy URL Twitter E-mail

General

Target

88b71f415a86dae5dbc9fbcaa97a16561540bcd80ae4f76d6dc45ebc2ea15f03
Size

14KB
MD5

6b61c5b8e23c98ad3ed5e3704de3a9bd
SHA1

ac9742d0f1526ce598e0cdb972cd7e2ee7c8bc31
SHA256

88b71f415a86dae5dbc9fbcaa97a16561540bcd80ae4f76d6dc45ebc2ea15f03
SHA512

1245cc300bbe598d8cf94a2bac880b1359e46548bc5bb2d0491ea7988ab7fd8da752d0ded78b69846821f9f563e7340dad42d7d64b6fdb328d2e8f7e3c0246b2
SSDEEP

192:+Jbq53cX1rk4avToeyPkUtSveN77fNFLAl2QeA+0Xkvyq6n3lQtzXCP:KmhahPZN77fsZA+lkzX

Score

N/A

Malware Config

Signatures

Files

88b71f415a86dae5dbc9fbcaa97a16561540bcd80ae4f76d6dc45ebc2ea15f03
.exe windows x86

bd65b9b7adaba7f356455519be7b2c60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoFreeMdl
MmUnlockPages
DbgPrint
IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
ExFreePoolWithTag
_stricmp
strrchr
ExAllocatePoolWithTag
ZwQuerySystemInformation
ObfDereferenceObject
IoDriverObjectType
MmGetSystemRoutineAddress
RtlFreeUnicodeString
ZwCreateFile
RtlAnsiStringToUnicodeString
RtlInitAnsiString
KeSetEvent
ZwReadFile
ZwQueryInformationFile
KeWaitForSingleObject
KeGetCurrentThread
MmProbeAndLockPages
IoAllocateMdl
IoAllocateIrp
KeInitializeEvent
IoGetCurrentProcess
ObReferenceObjectByHandle
IoFileObjectType
_allmul
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
KeTickCount
KeBugCheckEx
ZwClose
IoFreeIrp

hal

KeStallExecutionProcessor

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 896B - Virtual size: 813B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 640B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

y3ata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

y2ata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

y1ata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 640B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd65b9b7adaba7f356455519be7b2c60

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 896B - Virtual size: 813B

.data Size: 640B - Virtual size: 616B

y3ata Size: 1024B - Virtual size: 1024B

y2ata Size: 1024B - Virtual size: 1024B

y1ata Size: 1024B - Virtual size: 1024B

INIT Size: 1KB - Virtual size: 1KB

.reloc Size: 640B - Virtual size: 532B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 896B - Virtual size: 813B

.data
Size: 640B - Virtual size: 616B

y3ata
Size: 1024B - Virtual size: 1024B

y2ata
Size: 1024B - Virtual size: 1024B

y1ata
Size: 1024B - Virtual size: 1024B

INIT
Size: 1KB - Virtual size: 1KB

.reloc
Size: 640B - Virtual size: 532B