57a080eda077f1fdcfee1bfb21c9eb9f9dd378edd43093f38427f8a4a14a0bf6N

General

Target

57a080eda077f1fdcfee1bfb21c9eb9f9dd378edd43093f38427f8a4a14a0bf6N
Size

12KB
MD5

edebb12990ab339c7536563dca1d3f60
SHA1

5033eb7d81588e6e7c436d91c51580ac449b9a02
SHA256

57a080eda077f1fdcfee1bfb21c9eb9f9dd378edd43093f38427f8a4a14a0bf6
SHA512

cbdc222c5e0f5c3ed156e8e1d5d7492d76edb61ca14f35578b2fa2f93cae9b70b1660eae19f81498b28e6ecd242258735d85968389af0af687e8395f30e83a1b
SSDEEP

192:GPdBpfRwpjQsD6L+O6ZMdkZf2JWJ8y9y78xf5rDqf2s5YciQCQKc0Pntexa7NEN0:G1XJf3Ewa8y44RrDqf2suQCec7NEN0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/hpcisss.sys

Files

57a080eda077f1fdcfee1bfb21c9eb9f9dd378edd43093f38427f8a4a14a0bf6N
.cab
hpcisss.sys
.sys windows:5 windows x86 arch:x86

04a9843e31b511973fb1282873538533

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

HpCISSs.pdb

Imports

ntoskrnl.exe

KeBugCheckEx
KeTickCount

storport.sys

StorPortInitialize
StorPortGetScatterGatherList
StorPortNotification
StorPortGetPhysicalAddress
StorPortPause
StorPortBusy
StorPortLogError
StorPortStallExecution
StorPortFreeDeviceBase
StorPortReadRegisterBufferUchar
StorPortReadRegisterUlong
StorPortGetDeviceBase
StorPortValidateRange
StorPortGetBusData
StorPortResume
StorPortWriteRegisterUlong
StorPortGetUncachedExtension
StorPortCompleteRequest
StorPortReadRegisterBufferUlong
StorPortWriteRegisterBufferUlong

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 810B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 622B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04a9843e31b511973fb1282873538533

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

storport.sys

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 512B - Virtual size: 274B

.data Size: 512B - Virtual size: 56B

INIT Size: 1024B - Virtual size: 810B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 622B

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 512B - Virtual size: 274B

.data
Size: 512B - Virtual size: 56B

INIT
Size: 1024B - Virtual size: 810B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 622B