8c1c2989701fa2659d1f3a5619bbd03fe6c0d7fa1f257a9a3a3c8846788ab58d

General

Target

8c1c2989701fa2659d1f3a5619bbd03fe6c0d7fa1f257a9a3a3c8846788ab58d
Size

9KB
MD5

fd4107dee08c0841d83a07579d1bfa9b
SHA1

1ae9c75cedd8d54bf46a036258652700bf79f64d
SHA256

8c1c2989701fa2659d1f3a5619bbd03fe6c0d7fa1f257a9a3a3c8846788ab58d
SHA512

8bdc2dfe01b07323b9de9fe7d2bd5298493ab172174ec8e22d70cd6dc9fb8969f484b9d3b531e7bf3fcbd950b55f7c88d96c07b35cb566cf2f3d45a70ac9d068
SSDEEP

192:SOrNM/oMhtMz1E3uWkOVd0bpSqL62emYaM:RioM3Mnu01SqL65mYD

Score

N/A

Malware Config

Signatures

Files

8c1c2989701fa2659d1f3a5619bbd03fe6c0d7fa1f257a9a3a3c8846788ab58d
.exe windows x86

aa579a7000e6859e9b2aab6d8d13738a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoCreateSymbolicLink
IoCreateDevice
IoAttachDeviceToDeviceStack
IoGetDeviceObjectPointer
KeInitializeSpinLock
IoFreeMdl
MmBuildMdlForNonPagedPool
IoDeleteDevice
ObfDereferenceObject
ObReferenceObjectByHandle
ExAllocatePoolWithTag
ExFreePoolWithTag
KeTickCount
KeBugCheckEx
RtlInitUnicodeString
IoDeleteSymbolicLink
PsGetCurrentProcessId
IoBuildDeviceIoControlRequest
IoDetachDevice
IofCallDriver
IoAllocateMdl
IofCompleteRequest

hal

KfAcquireSpinLock
KfReleaseSpinLock

tdi.sys

TdiMapUserRequest

ndis.sys

NdisFreeBufferPool
NdisAllocateBufferPool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 896B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 640B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa579a7000e6859e9b2aab6d8d13738a

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

tdi.sys

ndis.sys

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 256B - Virtual size: 220B

.data Size: 128B - Virtual size: 88B

INIT Size: 1024B - Virtual size: 932B

.rsrc Size: 896B - Virtual size: 816B

.reloc Size: 640B - Virtual size: 544B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 256B - Virtual size: 220B

.data
Size: 128B - Virtual size: 88B

INIT
Size: 1024B - Virtual size: 932B

.rsrc
Size: 896B - Virtual size: 816B

.reloc
Size: 640B - Virtual size: 544B