Static task
static1
General
-
Target
1f1411781f7e8cfbd3b87fba77738dce
-
Size
42KB
-
MD5
1f1411781f7e8cfbd3b87fba77738dce
-
SHA1
62f6ad1eb944eb5b165fa05ba06ba33e03d07b5b
-
SHA256
a215055180e6629e9c16b08a3fe850bb8573674ab047050ef3adb1207678c5dc
-
SHA512
ed49750a9a3371b41928c797bef777293fc43095738e94dd5e8c69c646c0491938f7cfb3758e25f6f58817a5e8747b55d4fe31fac1ecbdf2b9dfc12c136ae84e
-
SSDEEP
768:327EodEuAdKO92db8Cxkk1WOB+LcFjOwJM4eHuszR:324l5K9iCxFvB+cJ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1f1411781f7e8cfbd3b87fba77738dce
Files
-
1f1411781f7e8cfbd3b87fba77738dce.sys windows:5 windows x86 arch:x86
255166120636f8d841ad5ab089a6b65b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
MmGetSystemRoutineAddress
RtlInitUnicodeString
ExAllocatePoolWithTag
ExFreePoolWithTag
Sections
.text Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 170B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 30B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ