abd8d5c2a8798984f424a9f15f6244102c31c4d97776ef4c4c6a8d959cf1b40f

General

Target

abd8d5c2a8798984f424a9f15f6244102c31c4d97776ef4c4c6a8d959cf1b40f
Size

14KB
MD5

397eb295f42e975ce9f212d5ebe7c736
SHA1

6840650d19bd153a4a6413cbda2c96b2d8d0784a
SHA256

abd8d5c2a8798984f424a9f15f6244102c31c4d97776ef4c4c6a8d959cf1b40f
SHA512

0b4acaf859757a38e55c52521a07c3b9adad61fbe164c18f51e36c16e2fbd5d1d582a43e06ff91e63888e58ff23ad7b42680481b63d449af035c6ff912d049ac
SSDEEP

384:rLYztwyry8KJ0UKHiy0HMEwuzByKKTD8LKQolm7ftWa46W:rLYRCJ0UmDCMNuqTnQolcQ

Score

N/A

Malware Config

Signatures

Files

abd8d5c2a8798984f424a9f15f6244102c31c4d97776ef4c4c6a8d959cf1b40f
.exe windows x64

9ebe17ad0402b857a2a3985e65801d91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
ExFreePoolWithTag
IoAllocateMdl
MmBuildMdlForNonPagedPool
IoFreeMdl
KeInitializeEvent
KeWaitForSingleObject
IoCreateDevice
IoInitializeRemoveLockEx
IoAttachDeviceToDeviceStack
IoDetachDevice
IoDeleteDevice
IoOpenDeviceRegistryKey
IoReleaseRemoveLockEx
ZwQueryValueKey
ZwClose
KeAcquireInStackQueuedSpinLock
KeReleaseInStackQueuedSpinLock
RtlCompareMemory
IoReleaseRemoveLockAndWaitEx
IofCallDriver
IofCompleteRequest
KeSetEvent
PoStartNextPowerIrp
PoCallDriver
ZwOpenKey
KeBugCheckEx
RtlInitUnicodeString
IoAcquireRemoveLockEx
IoBuildSynchronousFsdRequest
IoFreeIrp
IoGetAttachedDeviceReference
IoAllocateIrp
ObfDereferenceObject
__C_specific_handler

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 1024B - Virtual size: 993B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ebe17ad0402b857a2a3985e65801d91

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 964B

.data Size: 512B - Virtual size: 788B

.pdata Size: 512B - Virtual size: 372B

PAGE Size: 1024B - Virtual size: 993B

INIT Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 964B

.data
Size: 512B - Virtual size: 788B

.pdata
Size: 512B - Virtual size: 372B

PAGE
Size: 1024B - Virtual size: 993B

INIT
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB