0f7a3dece101e4cb3cd96a2488412420_native[.]exe

General

Target

0f7a3dece101e4cb3cd96a2488412420_native.exe
Size

55KB
MD5

0f7a3dece101e4cb3cd96a2488412420
SHA1

6cc9079344ce031c07129c09e45eb77f67267ca1
SHA256

1d415fc271ed2f8bc67f3bc54f611bbae7d293b8cbc8e47eac37e3d6c2a93f9d
SHA512

1ca183814e1680ab2bd4284a007abe6ec9ceefe7c4dd6c31f1471a8d8775244901e758a7a27912ac5b4c7a1b3c72463e85b0079fa31b26d84928e4f1c587bb37
SSDEEP

768:omiDwert6BoKfAxCmXRO0EvUZmlI1pf+1hfs+Ox+OPfm7MXneogB37RkkG:Wwct6m8mXROO4hHaJ+ouoo37ukG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f7a3dece101e4cb3cd96a2488412420_native.exe

Files

0f7a3dece101e4cb3cd96a2488412420_native.exe
.sys windows:4 windows x86

750045bdd9b15ef5b287eaf53cfe4e08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntoskrnl.exe

RtlCheckRegistryKey
RtlCreateRegistryKey
RtlIntegerToUnicodeString
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlQueryRegistryValues
RtlWriteRegistryValue
KeBugCheck

scsiport.sys

ScsiPortReadPortBufferUshort
ScsiPortNotification
ScsiPortGetBusData
ScsiPortConvertUlongToPhysicalAddress
ScsiPortGetDeviceBase
ScsiPortFreeDeviceBase
ScsiPortReadPortUlong
ScsiPortInitialize
ScsiPortReadPortUchar
ScsiPortStallExecution
ScsiPortReadPortUshort
ScsiPortWritePortUchar
ScsiPortWritePortUshort
ScsiPortMoveMemory
ScsiPortWritePortUlong
ScsiPortCompleteRequest
ScsiPortGetPhysicalAddress
ScsiPortLogError
ScsiPortGetUncachedExtension
ScsiPortReadPortBufferUlong
ScsiPortWritePortBufferUshort
ScsiPortWritePortBufferUlong

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 928B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

750045bdd9b15ef5b287eaf53cfe4e08

Headers

File Characteristics

Imports

ntoskrnl.exe

scsiport.sys

Sections

.text Size: 47KB - Virtual size: 47KB

.data Size: 2KB - Virtual size: 2KB

INIT Size: 1024B - Virtual size: 1008B

.rsrc Size: 928B - Virtual size: 900B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 47KB - Virtual size: 47KB

.data
Size: 2KB - Virtual size: 2KB

INIT
Size: 1024B - Virtual size: 1008B

.rsrc
Size: 928B - Virtual size: 900B

.reloc
Size: 1KB - Virtual size: 1KB