150a7f7f9b764a21b713ef54c63feddcb513d1899da1ce7e884345c407ea62a5

Sharing

Copy URL

Twitter E-mail

General

Target

150a7f7f9b764a21b713ef54c63feddcb513d1899da1ce7e884345c407ea62a5
Size

166KB
MD5

cbcf836e370f07e4666fb61ebb79e030
SHA1

a961abac67db228947ecc98f1995920f10d62952
SHA256

150a7f7f9b764a21b713ef54c63feddcb513d1899da1ce7e884345c407ea62a5
SHA512

3518d51450b1cc6858f434b634c344f8017c56ef12f9b8431b036a1bccb6c9a1172c9b9bb901d8b2dc504fb34bd8dcf6292fb58ab26007a80b7a523edc5f98fe
SSDEEP

3072:ygty9pp9wL0AQ457ezNDQS0iQX3Bh5fIwnNuvyNDfLIpuS1B2GHJCTu3w:zIpaLNQ4ABj08wnN0yNTIJ1BHJCT

Score

N/A

Malware Config

Signatures

Files

150a7f7f9b764a21b713ef54c63feddcb513d1899da1ce7e884345c407ea62a5
.exe windows x86

5dcfec76b9a98bf0463d89cad17c0464

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

strncpy
KefAcquireSpinLockAtDpcLevel
KefReleaseSpinLockFromDpcLevel
_allmul
KeTickCount
KeQueryTimeIncrement
_alldiv
RtlInitUnicodeString
RtlCopyUnicodeString
RtlAppendUnicodeStringToString
MmMapLockedPagesSpecifyCache
IoFreeMdl
KeQuerySystemTime
KeInitializeSpinLock

hal

WRITE_PORT_ULONG
KeStallExecutionProcessor
KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock

ndis.sys

NdisMAllocateMapRegisters
NdisMFreeMapRegisters
NdisReadNetworkAddress
NdisMRegisterInterrupt
NdisMDeregisterIoPortRange
NdisMUnmapIoSpace
NdisWritePciSlotInformation
NdisReadPciSlotInformation
NdisMRegisterIoPortRange
NdisMMapIoSpace
NdisMPciAssignResources
NdisMQueryAdapterResources
NdisResetEvent
NdisTerminateWrapper
NdisCancelTimer
NdisMSetAttributesEx
NdisInitializeWrapper
NdisMDeregisterAdapterShutdownHandler
NdisWriteErrorLogEntry
NdisWriteEventLogEntry
NdisCloseConfiguration
NdisReadConfiguration
NdisOpenConfiguration
NdisSetTimer
NdisInitializeTimer
NdisAllocateMemoryWithTag
NdisMSleep
NdisFreeMemory
NdisMRegisterAdapterShutdownHandler
NdisMRegisterMiniport
NdisFreeBufferPool
NdisAllocateBuffer
NdisAllocateBufferPool
NdisFreePacket
NdisAllocatePacket
NdisUnchainBufferAtFront
NdisMQueryAdapterInstanceName
NdisFreePacketPool
NdisMSetMiniportSecondary
NdisAllocatePacketPool
NdisMCompleteBufferPhysicalMapping
NdisMStartBufferPhysicalMapping
NdisMFreeSharedMemory
NdisMAllocateSharedMemory
NdisMDeregisterInterrupt
NdisWaitEvent
NdisMCancelTimer
NdisSetEvent
NdisInitializeEvent
NdisMInitializeTimer

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dcfec76b9a98bf0463d89cad17c0464

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

ndis.sys

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 6KB - Virtual size: 5KB

INIT Size: 2KB - Virtual size: 2KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 6KB - Virtual size: 5KB

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 2KB - Virtual size: 2KB