Static task
static1
General
-
Target
0dffe5a888658f7012258975fdc2d23c
-
Size
39KB
-
MD5
0dffe5a888658f7012258975fdc2d23c
-
SHA1
3dd5dcf39d91d96db7bb8b754182fe37fc08966c
-
SHA256
bd271d92064bab2067ca6aa9b225573afd189f4f6825b2a5e5647ef287ea3073
-
SHA512
d9d6a321a44e1171bfae720db528762a62de9aa3f4067560fa6b6bcd1280a2ddc3a178042a427d0fba8da2e01f2132bcbcd475545af330f2e50f3e367a821713
-
SSDEEP
768:m3rI79y+TSXNAtRvtn5OnTBbB6up6UKEZ/PImTfHEm:mc79vTSXCX95OnTBt+EZ/PImDH
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0dffe5a888658f7012258975fdc2d23c
Files
-
0dffe5a888658f7012258975fdc2d23c.sys windows:5 windows x86 arch:x86
fb3f0d371dd5bcedbd13b563fc4506d1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
MmUnmapLockedPages
IoGetCurrentProcess
RtlInitUnicodeString
MmGetSystemRoutineAddress
ExAllocatePoolWithTag
KeSetTimerEx
Sections
.text Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 214B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 30B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ