cdecd03b264405c53df6b8710a55dd408cbb4680426ba3d3f200f2efe2401679

Sharing

Copy URL Twitter E-mail

General

Target

cdecd03b264405c53df6b8710a55dd408cbb4680426ba3d3f200f2efe2401679
Size

744KB
MD5

bf149cc122eda3c6563a1763e46d80f9
SHA1

5de61c57e4389a1407708088ac8dc284fba731c4
SHA256

cdecd03b264405c53df6b8710a55dd408cbb4680426ba3d3f200f2efe2401679
SHA512

e5203c249096cfdb0f8946f6d8cb63e8c7111c3781b9cea38f0ed7b13961daee762255eaa2104bb2794c9e736c80e5bbfbd3a07f457c15cfad0fafd7496db67f
SSDEEP

12288:UDsLYnDzZti/SxEnwVmkMpcksbRvMB/V3Hx:Hoz6SxEnwVmJpr2uBd3

Score

N/A

Malware Config

Signatures

Files

cdecd03b264405c53df6b8710a55dd408cbb4680426ba3d3f200f2efe2401679
.exe windows x86

6773dce149b48a42d35aa9cdc396493d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoCreateDevice
ExAllocatePoolWithTag
_snprintf
RtlInitUnicodeString
KeBugCheckEx
KeWaitForSingleObject
KeSetEvent
ExFreePoolWithTag
RtlCompareMemory
ZwQueryValueKey
PoStartNextPowerIrp
IoAttachDeviceToDeviceStack
IoDetachDevice
IoAllocateIrp
MmMapLockedPagesSpecifyCache
IoOpenDeviceRegistryKey
IoQueueWorkItem
KeInitializeTimer
IoAllocateWorkItem
IoBuildDeviceIoControlRequest
IoFreeWorkItem
IoWMIRegistrationControl
KeDelayExecutionThread
IoSetDeviceInterfaceState
ZwSetValueKey
MmGetSystemRoutineAddress
KeReleaseSpinLockFromDpcLevel
PsCreateSystemThread
IoGetDeviceProperty
KeAcquireSpinLockAtDpcLevel
IoReleaseCancelSpinLock
DbgPrint
IoBuildSynchronousFsdRequest
MmUnmapIoSpace
IoAcquireRemoveLockEx
IoInitializeRemoveLockEx
RtlUnicodeStringToAnsiString
KeResetEvent
IoReleaseRemoveLockEx
ZwCreateKey
KeReleaseMutex
KeInitializeMutex
_vsnprintf
RtlIntegerToUnicodeString
IoGetAttachedDeviceReference
ExDeleteNPagedLookasideList
ExInitializeNPagedLookasideList
IoConnectInterrupt
RtlWriteRegistryValue
ZwQuerySystemInformation
MmProbeAndLockPages
MmUnlockPages
IoGetDeviceObjectPointer

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 414KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6773dce149b48a42d35aa9cdc396493d

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 312KB - Virtual size: 312KB

.rdata Size: 512B - Virtual size: 277B

.data Size: 13KB - Virtual size: 12KB

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 414KB - Virtual size: 413KB

.text
Size: 312KB - Virtual size: 312KB

.rdata
Size: 512B - Virtual size: 277B

.data
Size: 13KB - Virtual size: 12KB

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 414KB - Virtual size: 413KB