323e90679cd760133b15a8095e171deb

Sharing

Copy URL

Twitter E-mail

General

Target

323e90679cd760133b15a8095e171deb
Size

35KB
MD5

323e90679cd760133b15a8095e171deb
SHA1

398811a27f06d5bd0564cf9db07f40282945a14f
SHA256

23bbbac820411eeeac1b802d6e2b66da205dab7abe94e871aca32ac3a47ae9a4
SHA512

28cbd223a820351186487c30d953073fc4cc43aff87048d678065d46f9f41c640f54710b0147bb2a34b42e518f076f67a3d5e7fbb6fb8fb25fe0435ed0541799
SSDEEP

768:tEw6h7BZGXe+xOcS+j1a/xX5Ot9kt6kGPBvzbY:VmVIXDxOn+haxEt9ktq3Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
323e90679cd760133b15a8095e171deb

Files

323e90679cd760133b15a8095e171deb
.sys windows:6 windows x86 arch:x86

f98174b3746247894a02c274c259a96c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeWaitForSingleObject
IofCallDriver
IoBuildDeviceIoControlRequest
KeInitializeEvent
memset
KeTickCount
KeBugCheckEx
_aullshr

storport.sys

StorPortExtendedFunction
StorPortGetScatterGatherList
StorPortGetLogicalUnit
StorPortSetDeviceQueueDepth
StorPortFreeDeviceBase
StorPortGetUncachedExtension
StorPortGetDeviceBase
StorPortResume
StorPortPause
StorPortInitialize
StorPortReadPortUchar
StorPortReadPortUshort
StorPortReadPortUlong
StorPortReadPortBufferUchar
StorPortReadPortBufferUshort
StorPortNotification
StorPortReadRegisterUshort
StorPortReadRegisterUlong
StorPortReadRegisterBufferUshort
StorPortWritePortUchar
StorPortWritePortUlong
StorPortWritePortBufferUchar
StorPortWritePortBufferUshort
StorPortWriteRegisterUchar
StorPortWriteRegisterUlong
StorPortWriteRegisterBufferUshort
StorPortGetBusData
StorPortSetBusDataByOffset
StorPortStallExecution
StorPortGetPhysicalAddress
StorPortSynchronizeAccess
StorPortQuerySystemTime
StorPortMoveMemory
StorPortReadRegisterUchar

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 830B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f98174b3746247894a02c274c259a96c

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

storport.sys

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 512B - Virtual size: 329B

.data Size: 512B - Virtual size: 512B

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 830B

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 512B - Virtual size: 329B

.data
Size: 512B - Virtual size: 512B

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 830B