ed1481fa400cac7720b4bacf82b89a4b1cff5fe4ae725a0d5dd557f06c3e3fc6

General

Target

ed1481fa400cac7720b4bacf82b89a4b1cff5fe4ae725a0d5dd557f06c3e3fc6
Size

21KB
MD5

402a333f7e0c38178d7871f5390d5456
SHA1

3d1244ee398977a15f67f500d25abdbc16ce0855
SHA256

ed1481fa400cac7720b4bacf82b89a4b1cff5fe4ae725a0d5dd557f06c3e3fc6
SHA512

30208b09c74de31ff0545de16599be5a767310d34e37d9934afe379e3d2c94eb1e00fcb2803e45af380b45103ede8a7694ef29336ea04bbc6d0d3f30623415fb
SSDEEP

384:QN+KUt2BtUXbyTHoCtGRZjNVAsRMNSChq3BBl4iQu5VpBjbOjBMmhyMD:AdUtytUXbyTICtGjNMNbcxoudkMmwMD

Score

N/A

Malware Config

Signatures

Files

ed1481fa400cac7720b4bacf82b89a4b1cff5fe4ae725a0d5dd557f06c3e3fc6
.exe windows x86

479fce4cf16dc904242d5976b408cacd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ataport.sys

AtaPortNotification
AtaPortQuerySystemTime
AtaPortReadPortUchar
AtaPortStallExecution
AtaPortWritePortUchar
AtaPortWritePortUlong
AtaPortGetPhysicalAddress
AtaPortConvertPhysicalAddressToUlong
AtaPortGetScatterGatherList
AtaPortGetParentBusType
AtaPortRequestCallback
AtaPortWritePortBufferUshort
AtaPortGetUnCachedExtension
AtaPortCompleteRequest
AtaPortCopyMemory
AtaPortEtwTraceLog
AtaPortCompleteAllActiveRequests
AtaPortReleaseRequestSenseIrb
AtaPortBuildRequestSenseIrb
AtaPortReadPortBufferUshort
AtaPortInitialize
AtaPortGetDeviceBase
AtaPortDeviceStateChange

ntoskrnl.exe

KeTickCount

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 210B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

479fce4cf16dc904242d5976b408cacd

Headers

DLL Characteristics

File Characteristics

Imports

ataport.sys

ntoskrnl.exe

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 512B - Virtual size: 174B

.data Size: 512B - Virtual size: 12B

INIT Size: 1024B - Virtual size: 908B

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 512B - Virtual size: 210B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 512B - Virtual size: 174B

.data
Size: 512B - Virtual size: 12B

INIT
Size: 1024B - Virtual size: 908B

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 512B - Virtual size: 210B