cef804842f3a9a30b3ac1373200f7304c403c5eb5d76b5f448d2e388322f1a41

Sharing

Copy URL

Twitter E-mail

General

Target

cef804842f3a9a30b3ac1373200f7304c403c5eb5d76b5f448d2e388322f1a41
Size

57KB
MD5

dde086a6937edaca80afaa4f3a2a4132
SHA1

38e12598ec1c345eea57b276d50ac8539f7c4ce5
SHA256

cef804842f3a9a30b3ac1373200f7304c403c5eb5d76b5f448d2e388322f1a41
SHA512

8d8e78d8952633a01f53a722c55fe6ceded3eaeea4d0915ea8fc3b0021e20df7f79bf6b74e289bcb6881af12870074de56d3e53e47b7ebc5b69c0dc6fe87e69c
SSDEEP

1536:Wd7jQE4wVeHZbolBbVJ/v6fotA54O2ARGYuw4:Wd7jPQHOlBbjXvA54iRG

Score

N/A

Malware Config

Signatures

Files

cef804842f3a9a30b3ac1373200f7304c403c5eb5d76b5f448d2e388322f1a41
.exe windows x86

78dd2369d907a7141568705957a29f31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeInitializeEvent
ExFreePool
ExAllocatePoolWithTag
IoAllocateIrp
ZwSetValueKey
RtlInitUnicodeString
ZwQueryValueKey
ZwClose
ZwCreateKey
ZwOpenKey
RtlFreeUnicodeString
RtlStringFromGUID
IoOpenDeviceRegistryKey
IofCallDriver
InterlockedDecrement
KeInitializeSpinLock
PoUnregisterSystemState
PoRegisterSystemState
KeWaitForSingleObject
KeResetEvent
IoFreeIrp
wcscat
wcscpy
wcsncpy
wcslen
swprintf
IoGetDeviceProperty
IoInitializeIrp
KeReleaseSemaphore
InterlockedIncrement
KeInitializeSemaphore
KeReleaseMutex
KeInitializeMutex
IofCompleteRequest
IoCancelIrp
IoBuildDeviceIoControlRequest
IoWMIRegistrationCo�'��l
InterlockedExchange
IoWMIWriteEvent
KeTickCount
KeBugCheckEx
KeSetEvent

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeQueryPerformanceCounter

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx
USBD_ParseDescriptors

ks.sys

KsGetNextSibling
KsAcquireControl
KsReleaseControl
KsReleaseDevice
KsPinGetNextSiblingPin
KsStreamPointerUnlock
KsStreamPointerSetStatusCode
KsPinGetLeadingEdgeStreamPointer
KsFilterGetFirstChildPin
KsAcquireDevice
KsAddItemToObjectBag
KsGetParent
KsCreateFilterFactory
_KsEdit
KsGetFirstChild
KsGetFilterFromIrp
Ks��ttemptProcessing
KsPinG�
KsPinReleaseProcessingMutex
KsPinAcquireProcessingMutex
KsGetPinFrnlHrq�
KsSusdalQohnuerDemeud
KsStreamPointerClone
KsStreamPointerAdvanceOffsets
KsPinGetAvailableByteCount
KsDecrementCountedWorker
KsIncrementCountedWorker
KsStreamPointerAdvanceOffsetsAndUnlock
KsUnregisterWorker
KsRegisterCountedWorker
KsInitializeDriver
KsPinGetParentFilter

drmk.sys

DrmForwardContentToDeviceObject

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGECONS
Size: 768B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78dd2369d907a7141568705957a29f31

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

usbd.sys

ks.sys

drmk.sys

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 916B

PAGECONS Size: 768B - Virtual size: 656B

INIT Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 916B

PAGECONS
Size: 768B - Virtual size: 656B

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 2KB - Virtual size: 2KB