08f7b355a10b2afc55116caf41383a1b3e5280725bb01c5cddceb5d7b2471c0f

Sharing

Copy URL

Twitter E-mail

General

Target

08f7b355a10b2afc55116caf41383a1b3e5280725bb01c5cddceb5d7b2471c0f
Size

170KB
MD5

b716138b1ba683cfd670c8f43e7d7383
SHA1

40fdb2971f981586131bfae4df50f86fd3933dea
SHA256

08f7b355a10b2afc55116caf41383a1b3e5280725bb01c5cddceb5d7b2471c0f
SHA512

eee1a0fd3c13be4a4f18f0e45400465332f360afec068a7d97de1f9fbd6e54e55314982de39178d836319fd2cba397805f9179f7d0ee71bfc0f9634e2510752a
SSDEEP

3072:dlPM+ZPP9ycNOfhKp8g/FNyp7i5WvcLQb9dENSN7Mk854pDN7:dpMWMZKf/FNyp7i5ZLSENSNokR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f7b355a10b2afc55116caf41383a1b3e5280725bb01c5cddceb5d7b2471c0f

Files

08f7b355a10b2afc55116caf41383a1b3e5280725bb01c5cddceb5d7b2471c0f
.dll windows:5 windows x64 arch:x64

29d8ab4bd2445f9033af8ea22e10722f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

k:\WorkshopAgent\DevelopDriver\_InjectDriverProj\InjectDriver_Kuangjun4\InjectDriver\Bin\Release\TIjtdrvd64.pdb

Imports

kernel32

ReadFile
SetFilePointer
WriteFile
FreeConsole
AllocConsole
GetStdHandle
WriteConsoleW
GetLastError
LocalFree
OpenProcess
GetCurrentProcess
CreateFileA
GetCurrentThreadId
MultiByteToWideChar
GetModuleFileNameW
GetTickCount
GetCurrentProcessId
GetLocalTime
CreateFileW
GetSystemInfo
LoadLibraryW
GetVersionExW
WideCharToMultiByte
CloseHandle
DeviceIoControl
Sleep
GetProcAddress
OutputDebugStringW
FlushFileBuffers
GetConsoleOutputCP
WriteConsoleA
lstrlenA
lstrlenW
GetACP
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapFree
HeapAlloc
GetCPInfo
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
HeapSize
ExitProcess
LCMapStringW
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapReAlloc
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
GetModuleHandleW

user32

GetWindowTextA
GetSystemMetrics
GetWindowTextW
GetWindowLongW
GetParent
IsWindowVisible
GetWindowThreadProcessId
MessageBoxW

advapi32

CreateServiceW
LookupAccountSidW
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyW
RegCreateKeyW
RegDeleteKeyW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteValueW
LockServiceDatabase
OpenSCManagerW
OpenServiceW
UnlockServiceDatabase
CloseServiceHandle
DeleteService
StartServiceW
ControlService
ChangeServiceConfigW

Exports

Exports

AddIjtModule
DelIjtModule
GetDrvFlags
GetIjtFlags
GetIjtModuleRule
GetIjtModuleRuleSize
GetIjtNecessity
InstallDriver
InstallDriver2
SetDrvFlags
SetIjtFlags
SetIjtModuleRule
SetIjtModules32
SetIjtModules64
SetIjtNecessity
SetPassthruProcID
SetPassthruProcName
StartDriver
StopDriver
UninstallDriver

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29d8ab4bd2445f9033af8ea22e10722f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 39KB - Virtual size: 38KB

.data Size: 7KB - Virtual size: 19KB

.pdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 7KB - Virtual size: 19KB

.pdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB