d0c651508839b334d9ed340b4e2149eaad11dffc97fe78ba249f1c3cff7859b6

Sharing

Copy URL

Twitter E-mail

General

Target

d0c651508839b334d9ed340b4e2149eaad11dffc97fe78ba249f1c3cff7859b6
Size

801KB
MD5

466389976cfcc7880c43413cb71e9dbb
SHA1

8ec63be55dfdcaf956eb06434414353dc9947462
SHA256

d0c651508839b334d9ed340b4e2149eaad11dffc97fe78ba249f1c3cff7859b6
SHA512

cba8e32825a317e559671e8913c31c91ccbd5ee1339e7f8db11d2ba59d8b277dd64749429437bec70504b2f48dcdfe8bf499fb357fcbd8cf27dd0f6819671c74
SSDEEP

12288:yyNm4UvubvwM+tX1J7TcaumrGuv9Wfn4PJNHE/whxqR0kDa4:lNm4F/ETcaumCu64PJawhe0k24

Score

N/A

Malware Config

Signatures

Files

d0c651508839b334d9ed340b4e2149eaad11dffc97fe78ba249f1c3cff7859b6
.exe windows x86

e6f175f3b47acba4a0ad2d28e17f666a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

videoprt.sys

VideoPortGetRomImage
VideoPortGetVgaStatus
VideoPortGetBusData
VideoPortMoveMemory
VideoPortInitialize
VideoPortUnmapMemory
VideoPortGetAccessRanges
VideoPortSetBusData
VideoPortStopTimer
VideoPortStartTimer
VideoPortSetTrappedEmulatorPorts
VideoPortCompareMemory
VideoPortGetAssociatedDeviceExtension
VideoPortGetRegistryParameters
VideoPortMapMemory
VideoPortGetDeviceBase
VideoPortFreeDeviceBase
VideoPortSetRegistryParameters
VideoPortEnumerateChildren
VideoPortGetAgpServices
VideoPortZeroMemory
VideoPortReleaseBuffer
VideoPortAllocateBuffer
VideoPortQueueDpc
VideoPortStallExecution
VideoPortInt10
VideoPortReadRegisterUlong
VideoPortReadRegisterUshort
VideoPortReadRegisterUchar
VideoPortWriteRegisterUlong
VideoPortWriteRegisterUshort
VideoPortWriteRegisterUchar

ntoskrnl.exe

MmMapLockedPagesSpecifyCache
MmUnmapLockedPages
MmIsAddressValid
ZwUnmapViewOfSection
ZwClose
ZwMapViewOfSection
MmGetPhysicalAddress
MmUnlockPages
KeRestoreFloatingPointState
RtlInitUnicodeString
KeQuerySystemTime
KeSaveFloatingPointState
ExAllocatePoolWithTag
KeSetEvent
ExFreePool
_except_handler3
IoAllocateMdl
MmProbeAndLockPages
IoFreeMdl
RtlInitAnsiString
RtlAnsiStringToUnicodeString
IoCreateSynchronizationEvent
KeClearEvent
ZwOpenSection
ObReferenceObjectByHandle
ExAllocatePool
MmFreeContiguousMemorySpecifyCache
MmAllocateContiguousMemorySpecifyCache
RtlTimeToTimeFields
KeInitializeSpinLock
MmBuildMdlForNonPagedPool
PsGetVersion
MmUnmapIoSpace
MmMapIoSpace
MmMapLockedPages

hal

HalTranslateBusAddress
HalGetBusData
HalSetBusDataByOffset
HalGetBusDataByOffset
KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock

Sections

.text
Size: 454KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_NVTEXT3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6f175f3b47acba4a0ad2d28e17f666a

Headers

File Characteristics

Imports

videoprt.sys

ntoskrnl.exe

hal

Sections

.text Size: 454KB - Virtual size: 454KB

_NVTEXT3 Size: 2KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 269KB - Virtual size: 269KB

PAGE Size: 13KB - Virtual size: 13KB

PAGE Size: 10KB - Virtual size: 10KB

INIT Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 454KB - Virtual size: 454KB

_NVTEXT3
Size: 2KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 269KB - Virtual size: 269KB

PAGE
Size: 13KB - Virtual size: 13KB

PAGE
Size: 10KB - Virtual size: 10KB

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 9KB