easy_Benign_fe23296f334c1bf3a5d4c248f59da5d0049fc9f730fa048e9472f942eee5dbac[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

easy_Benign_fe23296f334c1bf3a5d4c248f59da5d0049fc9f730fa048e9472f942eee5dbac.exe
Size

25KB
MD5

16242043e5c984aeefbea66c04ee0169
SHA1

23f83d93c9c1fdc1b24078286f1c332e4ec3eb24
SHA256

fb5ed1ac56e1f8e073322588fb318cf1ba3e17622785c14801357394a4026262
SHA512

3709d101453821dbf89e7019a32368f1adb9e1a77f418792f677d327e92b15af480a71907594a05fc2314e4cb951241fd108ff512abd0d0887a18f7c0d285233
SSDEEP

384:HwZbsbqYaoEcVwGcIrvnaVqhG+lGnG9O48JfVRtPnIAg+GpWQwwWfJ4L:TqYaoEWtrvoF+kGEF7tnmiJc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
easy_Benign_fe23296f334c1bf3a5d4c248f59da5d0049fc9f730fa048e9472f942eee5dbac.exe

Files

easy_Benign_fe23296f334c1bf3a5d4c248f59da5d0049fc9f730fa048e9472f942eee5dbac.exe
.exe windows x86

0db1948509cacbe5fa295d69e0000c33

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

MmBuildMdlForNonPagedPool
ObfDereferenceObject
IoAllocateMdl
IoStartTimer
IoDisconnectInterrupt
IoSetStartIoAttributes
_vsnprintf
RtlInitUnicodeString
PoRequestPowerIrp
KeInitializeSpinLock
IoDeleteDevice
IoStopTimer
KeInitializeTimer
IoBuildDeviceIoControlRequest
ExfInterlockedRemoveHeadList
IoGetDeviceObjectPointer
RtlQueryRegistryValues
IoAttachDeviceToDeviceStack
IoStartPacket
KeSetEvent
RtlInitAnsiString
ObReferenceObjectByHandle
IoQueryDeviceDescription
IoFreeMdl
PoCallDriver
IoAllocateAdapterChannel
ObfReferenceObject
MmGetSystemRoutineAddress
ExAllocatePoolWithTag
IoCreateDevice
IofCallDriver
KeQuerySystemTime
ExFreePoolWithTag
KeInitializeEvent
IoSetHardErrorOrVerifyDevice
MmPageEntireDriver
IofCompleteRequest
ExfInterlockedInsertTailList
KeWaitForSingleObject
IoAllocateErrorLogEntry
ZwClose
ZwSetValueKey
PoStartNextPowerIrp
KeResetEvent
ZwOpenKey
RtlCompareMemory
IoFreeIrp
IoAllocateIrp
IoGetAttachedDeviceReference
memmove
IoWriteErrorLogEntry
IoDetachDevice
IoInitializeTimer
KeInitializeDpc
KeSynchronizeExecution
IoConnectInterrupt
_vsnwprintf
IoStartNextPacket
RtlAnsiStringToUnicodeString
MmResetDriverPaging
KeDelayExecutionThread
IoGetDmaAdapter
KeSetTimer
MmMapIoSpaceEx
KeInsertQueueDpc
memcpy
memset

hal

KfLowerIrql
KfRaiseIrql
ExAcquireFastMutex
KfAcquireSpinLock
IoMapTransfer
HalTranslateBusAddress
HalGetInterruptVector
WRITE_PORT_UCHAR
KfReleaseSpinLock
READ_PORT_UCHAR
ExReleaseFastMutex
KeStallExecutionProcessor
IoFreeAdapterChannel
IoFlushAdapterBuffers

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 1024B - Virtual size: 691B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0db1948509cacbe5fa295d69e0000c33

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 1000B

.data Size: 512B - Virtual size: 242B

PAGE Size: 1024B - Virtual size: 691B

INIT Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 1024B - Virtual size: 864B

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 1000B

.data
Size: 512B - Virtual size: 242B

PAGE
Size: 1024B - Virtual size: 691B

INIT
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 1024B - Virtual size: 864B