bdf1e30e06367d8d7d0b65399dd25d579750beb3e8d0407709e659e5aa51de90

General

Target

bdf1e30e06367d8d7d0b65399dd25d579750beb3e8d0407709e659e5aa51de90
Size

22KB
MD5

90bfafafb625a350c0ca44bfcb3b5b2a
SHA1

f5674ddf1ac72e107c06a0d0ef85683c36da28a1
SHA256

bdf1e30e06367d8d7d0b65399dd25d579750beb3e8d0407709e659e5aa51de90
SHA512

69a320b43d11069f9d1611b2a70c8130b4cf233684c90fa54977a0a00955a0b0e0f09690240a3a03a3aebd7ac944967145fb3f48c5ad99ae5b7f955a2c9c0c6d
SSDEEP

384:VQ+Lle4mzE1GxHjcYZlTDNGppe4MceMp5rx8gzMjc70Bco1aEUpp:Vtle76St3BGprzp3/zMAQB/hUp

Score

N/A

Malware Config

Signatures

Files

bdf1e30e06367d8d7d0b65399dd25d579750beb3e8d0407709e659e5aa51de90
.exe windows x86

c6227215645f161a640b66cdac507f50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeWaitForSingleObject
IofCallDriver
IoBuildDeviceIoControlRequest
IoRegisterDeviceInterface
ExAllocatePoolWithTag
ExFreePool
IoSetDeviceInterfaceState
KeSetEvent
InterlockedDecrement
KeInitializeEvent
InterlockedIncrement
RtlQueryRegistryValues
memmove
wcslen
RtlFreeUnicodeString
KeInitializeSpinLock
IoCreateDevice
IoAttachDeviceToDeviceStack
RtlInitUnicodeString
IofCompleteRequest
IoDeleteDevice
IoDetachDevice
PoCallDriver
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
PoRequestPowerIrp
IoFreeMdl
MmUnlockPages
MmProbeAndLockPages
IoAllocateMdl
IoCancelIrp
IoBuildPartialMdl
IoIsWdmVersionAvailable

hal

KfReleaseSpinLock
KfAcquireSpinLock

usbd.sys

USBD_CreateConfigurationRequest
USBD_GetUSBDIVersion
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wevy
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6227215645f161a640b66cdac507f50

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

usbd.sys

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 384B - Virtual size: 320B

INIT Size: 1KB - Virtual size: 1KB

.wevy Size: 11KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 436B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 384B - Virtual size: 320B

INIT
Size: 1KB - Virtual size: 1KB

.wevy
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 436B