Static task
static1
General
-
Target
a1c5b9a14ac78b78911a93ad11f82600_native.exe
-
Size
9KB
-
MD5
a1c5b9a14ac78b78911a93ad11f82600
-
SHA1
d7a58500b878a8bbd75f216f3209b429b1f9ac56
-
SHA256
d87888b76fefe1a1bd18052fb17c5e1b9409b27a791d79d515591ea175df3661
-
SHA512
25a619817bd42d9ae5ee8920a7c010f974584789930a25b15d41a8850261885c9d9c53ae5e968aed33e60ee231ff71cd485a08f589a73da27640e346787edb47
-
SSDEEP
192:LMdyomoegDTPbLY5MEKdJ0U3jdvadeUH88+yJ:yTmoZXPddJ0yjUde25
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a1c5b9a14ac78b78911a93ad11f82600_native.exe
Files
-
a1c5b9a14ac78b78911a93ad11f82600_native.exe.sys windows:4 windows x86
561e3ff102469a42bcb688b921fc6c1d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ord8168
ord8192
ord8214
ord8228
ord8242
ord8274
ord8298
ord8308
ord8332
ord8364
ord8384
ord8404
ord8432
ord8452
ord8468
ord8480
ord8494
ord8518
ord8534
ord8150
ord8568
ord8588
ord8612
ord8628
ord8656
ord8684
ord8704
ord8716
ord8744
ord8766
ord8784
ord8798
ord8834
ord8860
ord8882
ord8894
ord8916
ord8126
ord8108
ord8546
ord8084
hal
ord8966
ord8946
ord8986
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 64B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 576B - Virtual size: 558B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ