b569a93136cdefbd402513cecda1d89d

General

Target

b569a93136cdefbd402513cecda1d89d
Size

39KB
MD5

b569a93136cdefbd402513cecda1d89d
SHA1

9bb281d487158e9924e63c410d152ba800227c3c
SHA256

401c54394119f8ec1131cc49b4344f8eb72ebebf6ab0aaa2d3846d3d1115c369
SHA512

eac6d9e94fcd6c1489f990b4390ea46ad1d10ade5bf2411015cfa7e742ab555c64a34ad76e6a7dc1a04b48d84693d4deb75669823f1e0584a49264ebdf088972
SSDEEP

384:qFDp5wvf3dYYgUQlbqqOeFW0AdgqhUiOExkmlBHw6gWxt+fa3ps5RsrnPJKaYzRU:wDpymJ/VAdgQ7868fyCcPJKJm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b569a93136cdefbd402513cecda1d89d

Files

b569a93136cdefbd402513cecda1d89d
.dll windows:5 windows x86 arch:x86

149c102a8f3a36f1907a4e77b643c184

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\EdblxqC\mmvxmOu\spjV.pdb

Imports

ntoskrnl.exe

RtlSetAllBits
KeEnterCriticalRegion
IoReportDetectedDevice
ZwDeleteValueKey
KeInsertByKeyDeviceQueue
KeInsertQueueDpc
KeSetTimerEx
KeSetEvent
RtlFindNextForwardRunClear
ExGetSharedWaiterCount
ObGetObjectSecurity
IoReuseIrp
IoDeleteController
PsSetLoadImageNotifyRoutine
PsDereferencePrimaryToken
ExUnregisterCallback
FsRtlSplitLargeMcb
IoGetDriverObjectExtension
RtlAnsiStringToUnicodeString
ZwDeviceIoControlFile
ExRaiseDatatypeMisalignment
SeSinglePrivilegeCheck
KeInsertQueue
KeRestoreFloatingPointState

Exports

Exports

?oTcdmwtKXcECQcKz@@YGJPAE@Z
?hXwmXrjDZFfknwwemWf@@YGXFF@Z

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 135B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dbgdir
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

149c102a8f3a36f1907a4e77b643c184

Headers

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.edata Size: 512B - Virtual size: 135B

.dbgdir Size: 512B - Virtual size: 512B

.data Size: 2KB - Virtual size: 18KB

INIT Size: 9KB - Virtual size: 9KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 135B

.dbgdir
Size: 512B - Virtual size: 512B

.data
Size: 2KB - Virtual size: 18KB

INIT
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 1KB - Virtual size: 1KB