d6540e2d513ddb3da97e5bbe42e47591dfbffb109d37a0b832134fb5590d4a45

General

Target

d6540e2d513ddb3da97e5bbe42e47591dfbffb109d37a0b832134fb5590d4a45
Size

82KB
MD5

e07024d676c886c2f27811e5785752db
SHA1

e3795710246174694dae9547c14a7b26b627c520
SHA256

d6540e2d513ddb3da97e5bbe42e47591dfbffb109d37a0b832134fb5590d4a45
SHA512

87a81b50d8629ba6fcc78f1b145b469cff07b1ca78395b3019d8b1717eeea729ab85a2643da6e133643dd97703c7d08a505a2d17dfecfc1e02178d6bb7902d48
SSDEEP

1536:LMqh4F71ytoHtq+I3FM+KHN7pO+eyfYM0MLE9VHXOk1QEU4m:zoHtG3uH1gj6XAL3j1Q51

Score

N/A

Malware Config

Signatures

Files

d6540e2d513ddb3da97e5bbe42e47591dfbffb109d37a0b832134fb5590d4a45
.dll windows x86

46f0ca235e9b11c0351d241f12b96abf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoSetDeviceInterfaceState
RtlImageNtHeader
RtlFindNextForwardRunClear
Ke386QueryIoAccessMap
LsaFreeReturnBuffer
RtlSetAllBits
IoWriteErrorLogEntry
ExSemaphoreObjectType
FsRtlReleaseFile
ExInterlockedExtendZone
RtlSubAuthorityCountSid
ExAcquireSharedStarveExclusive
ExAllocatePoolWithTag
RtlValidSecurityDescriptor
IofCallDriver
LsaRegisterLogonProcess
KeDelayExecutionThread
CcUnpinRepinnedBcb
IoRegisterDriverReinitialization
InbvNotifyDisplayOwnershipLost
Ke386IoSetAccessProcess
PsSetLegoNotifyRoutine
IoReuseIrp
RtlAppendUnicodeToString
FsRtlNormalizeNtstatus

hal

HalGetBusData
HalGetInterruptVector
HalSetBusData
IoFreeMapRegisters
HalAllocateAdapterChannel
ExReleaseFastMutex
KeReleaseQueuedSpinLock
HalFlushCommonBuffer
HalClearSoftwareInterrupt
KfLowerIrql
KeAcquireQueuedSpinLock
HalFreeCommonBuffer
HalQueryDisplayParameters
HalAllocateCrashDumpRegisters
HalBeginSystemInterrupt
WRITE_PORT_ULONG
HalGetBusDataByOffset
KeLowerIrql
WRITE_PORT_USHORT
KeRaiseIrqlToSynchLevel
IoFreeAdapterChannel
KeAcquireSpinLock
HalCalibratePerformanceCounter
KeFlushWriteBuffer
HalRequestIpi
HalRequestSoftwareInterrupt
HalSetProfileInterval

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 14B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46f0ca235e9b11c0351d241f12b96abf

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 74KB - Virtual size: 73KB

.rsrc Size: 1024B - Virtual size: 736B

.reloc Size: 512B - Virtual size: 14B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 74KB - Virtual size: 73KB

.rsrc
Size: 1024B - Virtual size: 736B

.reloc
Size: 512B - Virtual size: 14B