ee2334531350087c1cd0959b9c54dfe64583ca5fa80854b08d99d4415b7909c5

Sharing

Copy URL

Twitter E-mail

General

Target

ee2334531350087c1cd0959b9c54dfe64583ca5fa80854b08d99d4415b7909c5
Size

6.4MB
MD5

86ab58e5facc0f7d69c88588ee9fc58d
SHA1

4d0665b3013020f5575c4f122f9b9dd03675b714
SHA256

ee2334531350087c1cd0959b9c54dfe64583ca5fa80854b08d99d4415b7909c5
SHA512

aef3d6d47b578abd27afd333ca4c3c2f404bdd828fba1c68e1d0559ee5e81b82e88f97c16f6d36009c52856ad1951a33c7e407bc296529fb56b1cfab1c417b15
SSDEEP

98304:nvwwCbrbrqOx1vLIqUWmOm01orBBCzIOjeVPyfRwru+z6q6KvyvxtgoZF6TvJi2Z:ndCX3z0e7oLbGeUWruG6qUF8S2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee2334531350087c1cd0959b9c54dfe64583ca5fa80854b08d99d4415b7909c5

Files

ee2334531350087c1cd0959b9c54dfe64583ca5fa80854b08d99d4415b7909c5
.exe windows x64

85bece44f13b6247dafb1f7e55440485

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

IoDeleteDevice
ExAllocatePool
NtQuerySystemInformation
ExFreePoolWithTag
IoAllocateMdl
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmUnlockPages
IoFreeMdl
KeQueryActiveProcessors
KeSetSystemAffinityThread
KeRevertToUserAffinityThread
DbgPrint

hal

KeQueryPerformanceCounter

Sections

.text
Size: - Virtual size: 85B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: - Virtual size: 184B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Drv0
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Drv1
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Drv2
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85bece44f13b6247dafb1f7e55440485

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: - Virtual size: 85B

.rdata Size: - Virtual size: 772B

.data Size: - Virtual size: 16B

.pdata Size: - Virtual size: 36B

INIT Size: - Virtual size: 184B

.Drv0 Size: - Virtual size: 3.5MB

.Drv1 Size: 512B - Virtual size: 312B

.Drv2 Size: 6.4MB - Virtual size: 6.4MB

.reloc Size: 512B - Virtual size: 256B

.text
Size: - Virtual size: 85B

.rdata
Size: - Virtual size: 772B

.data
Size: - Virtual size: 16B

.pdata
Size: - Virtual size: 36B

INIT
Size: - Virtual size: 184B

.Drv0
Size: - Virtual size: 3.5MB

.Drv1
Size: 512B - Virtual size: 312B

.Drv2
Size: 6.4MB - Virtual size: 6.4MB

.reloc
Size: 512B - Virtual size: 256B