f04675d3b43537e4f69e992b5fde4630d0e0bfc3b388f1e9bd427fc17566036a

General

Target

f04675d3b43537e4f69e992b5fde4630d0e0bfc3b388f1e9bd427fc17566036a
Size

724KB
MD5

3f49f3daab271e0b674b269006abb025
SHA1

832863f5fc87e6e0ce8f97b131529dd795d43da8
SHA256

f04675d3b43537e4f69e992b5fde4630d0e0bfc3b388f1e9bd427fc17566036a
SHA512

31901c59636c221f414df74f1e089fc9f4ec438b522e587fe4073a556f1fe9627a4f4055d72061e18d292f6a06e77dea094195383632fe247a2a8d306d355b6b
SSDEEP

12288:TMn95oKAvnPtQXbfZMZYyrgd9en3n8elw9gVvGBfoOdsCFiO9WQ8L1lX9qbU+tFq:ocvP6FMm+3n8sw2SoGT2Q8k5FW9B

Score

N/A

Malware Config

Signatures

Files

f04675d3b43537e4f69e992b5fde4630d0e0bfc3b388f1e9bd427fc17566036a
.exe windows x86

2a5badd3ae3df2b86c259e196eee25d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
KeBugCheckEx
RtlInitUnicodeString
KeWaitForSingleObject
KeSetEvent
IofCompleteRequest
IoDeleteDevice
IoDetachDevice
KeInitializeDpc
ZwOpenKey
RtlQueryRegistryValues
IoOpenDeviceRegistryKey
IoBuildDeviceIoControlRequest
IoFreeWorkItem
IoWMIRegistrationControl
KeDelayExecutionThread
KeSetTimer
IoCancelIrp
PsCreateSystemThread
KeAcquireSpinLockAtDpcLevel
RtlAnsiStringToUnicodeString
RtlInitAnsiString
IoWriteErrorLogEntry
IoBuildSynchronousFsdRequest
_vsnwprintf
IoAcquireRemoveLockEx
IoInitializeRemoveLockEx
RtlUnicodeStringToAnsiString
RtlAppendUnicodeToString
RtlAppendUnicodeStringToString
KeInitializeMutex
RtlIntegerToUnicodeString
IoGetAttachedDeviceReference
KeSetTimerEx
IoDisconnectInterrupt
IoConnectInterrupt
ZwCreateFile
IoInvalidateDeviceRelations
MmUnlockPages
KeRemoveQueueDpc
ZwQuerySystemInformation
ExFreePoolWithTag

Sections

.text
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 385KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a5badd3ae3df2b86c259e196eee25d9

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 318KB - Virtual size: 317KB

.rdata Size: 512B - Virtual size: 172B

.data Size: 16KB - Virtual size: 15KB

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 385KB - Virtual size: 385KB

.text
Size: 318KB - Virtual size: 317KB

.rdata
Size: 512B - Virtual size: 172B

.data
Size: 16KB - Virtual size: 15KB

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 385KB - Virtual size: 385KB