Static task
static1
General
-
Target
0a6efdf1f892a866957be98c372a8d31
-
Size
79KB
-
MD5
0a6efdf1f892a866957be98c372a8d31
-
SHA1
0c1e6d6cb52be882ec274d76be3d5cf32b7031e9
-
SHA256
55e47460391a013db70c914fc09aac46d84a997f126e303a944db0015723a258
-
SHA512
52d223d1ed91af4de74b74f0781db7ed3316819692ed49e097aa6beb556a7785b93b5ccc78d38b75bfb6edb3e167a9fae7039244b6da4e9ac6ab263f9fb40876
-
SSDEEP
1536:bt8cVnJuObQWM7BaUc2f7fAQvS27YMERPjlGHuuEwA9ox2v8:btTnAOb7MVaUcsbuUpCPBGdfp2E
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0a6efdf1f892a866957be98c372a8d31
Files
-
0a6efdf1f892a866957be98c372a8d31.sys windows:5 windows x86 arch:x86
4d5ca666e333299d80e2e05c2afd96f3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
ExAllocatePool
ExFreePool
Sections
.text Size: - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 79KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE