ac09b2af0fbdad33187e3b07f33d351e7bbf3a75b434cc5131765dd3e4e9750c

General

Target

ac09b2af0fbdad33187e3b07f33d351e7bbf3a75b434cc5131765dd3e4e9750c
Size

32KB
MD5

af4c600f155ca2d61dee403f50afe0fd
SHA1

3930208f701d0083adcf9256f618a1158b31190d
SHA256

ac09b2af0fbdad33187e3b07f33d351e7bbf3a75b434cc5131765dd3e4e9750c
SHA512

54801af2bca2df049ac03fabee8ca85fead5c33d80cb988a01b5e6dd6cd27d896b570e67dbf5df2ad2907d2f21216cfc837ecf8949706e4c5d6ea015e7c08bce
SSDEEP

768:tJDGgUlJYLrrWaShCYB8wiDTS7bJ/gLt/S5TbyR4:juJYIs3WbJ/Qq9m4

Score

N/A

Malware Config

Signatures

Files

ac09b2af0fbdad33187e3b07f33d351e7bbf3a75b434cc5131765dd3e4e9750c
.dll windows x86

1099f2eec8656f6619c4d82a998dc127

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoFreeMdl
RtlUnicodeToOemN
FsRtlDissectDbcs
RtlInitializeUnicodePrefix
CcFastCopyWrite
ObCheckObjectAccess
ZwSetEaFile
RtlCompareString
RtlNtStatusToDosErrorNoTeb
_aulldiv
MmFreeContiguousMemory
PsCreateSystemThread
SeReleaseSubjectContext
IoReleaseCancelSpinLock
FsRtlNotifyInitializeSync
PsDisableImpersonation
SeCreateClientSecurity
PoSetSystemState
ExInterlockedPopEntryList
MmProbeAndLockSelectedPages
ZwCreateKey
CcPinRead
RtlGetDefaultCodePage
PfxInitialize
RtlImageNtHeader
RtlCreateAtomTable
NtOpenProcessToken
InbvAcquireDisplayOwnership

hal

HalProcessorIdle
HalRequestIpi
READ_PORT_USHORT
READ_PORT_BUFFER_UCHAR
HalAllProcessorsStarted
HalRequestSoftwareInterrupt
KeLowerIrql
HalGetBusDataByOffset
HalQueryDisplayParameters
HalTranslateBusAddress
HalStartNextProcessor
HalBeginSystemInterrupt
HalSetDisplayParameters
HalFlushCommonBuffer
HalAllocateAdapterChannel
KeRaiseIrqlToDpcLevel
HalGetEnvironmentVariable
HalClearSoftwareInterrupt
HalCalibratePerformanceCounter
IoFreeMapRegisters
HalReportResourceUsage
HalSetRealTimeClock
READ_PORT_ULONG
IoAssignDriveLetters
WRITE_PORT_BUFFER_UCHAR
READ_PORT_BUFFER_USHORT
WRITE_PORT_ULONG

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 14B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1099f2eec8656f6619c4d82a998dc127

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 55KB

.rsrc Size: 1024B - Virtual size: 728B

.reloc Size: 512B - Virtual size: 14B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 55KB

.rsrc
Size: 1024B - Virtual size: 728B

.reloc
Size: 512B - Virtual size: 14B