82df8f47c134765f9128e6785c99a25bed7e4ee2c6b7eb253995e24834735ed2

General

Target

82df8f47c134765f9128e6785c99a25bed7e4ee2c6b7eb253995e24834735ed2
Size

31KB
MD5

3530a1e9699221020c10b66d881eba11
SHA1

44f005318fd11a81494f5787a97de1f83610a901
SHA256

82df8f47c134765f9128e6785c99a25bed7e4ee2c6b7eb253995e24834735ed2
SHA512

500671642a6114a8f57b31e5fd903cb80955048b4e6bda3fc1480e1231edbfc224c20128e44be25100e9cceb680b6d6445cf0698e4de8eafa4d6208d5a506be4
SSDEEP

768:voab0i87G2YtFUPR4A0VM7i0WGdcT4mmLG:v8ir230Kenqc0mmq

Score

N/A

Malware Config

Signatures

Files

82df8f47c134765f9128e6785c99a25bed7e4ee2c6b7eb253995e24834735ed2
.exe windows x86

5dabd104bf6f5c1013f2607f25795c9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExFreePoolWithTag
ExAllocatePool
RtlEnumerateGenericTableAvl
IoGetConfigurationInformation
KeCancelTimer
IoGetDeviceObjectPointer
ZwOpenProcess
RtlUpcaseUnicodeString
IoRegisterBootDriverReinitialization
RtlValidSecurityDescriptor
RtlCreateSecurityDescriptor
KeInitializeDpc
KeAreApcsDisabled
wcsncpy
RtlInitUnicodeString
RtlInitializeGenericTable
RtlAnsiStringToUnicodeString
RtlCompareString
VerSetConditionMask
RtlGetVersion
RtlInitString
_allmul
memset

Exports

Exports

__ExInterlockedPopEntrySList@0
__ExpInterlockedFlushSList@8

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.export
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.block
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dabd104bf6f5c1013f2607f25795c9a

Headers

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 624B

.export Size: 512B - Virtual size: 264B

.block Size: 21KB - Virtual size: 21KB

INIT Size: 1024B - Virtual size: 662B

.rsrc Size: 1024B - Virtual size: 1020B

.reloc Size: 512B - Virtual size: 242B

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 624B

.export
Size: 512B - Virtual size: 264B

.block
Size: 21KB - Virtual size: 21KB

INIT
Size: 1024B - Virtual size: 662B

.rsrc
Size: 1024B - Virtual size: 1020B

.reloc
Size: 512B - Virtual size: 242B