23b57af0a00e4da327cdcc79c5b0512b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23b57af0a00e4da327cdcc79c5b0512b
Size

719KB
MD5

23b57af0a00e4da327cdcc79c5b0512b
SHA1

41ca908f21c5924feb902dba61035bc2123e8b1c
SHA256

cfa5c1f86dd716468dddb2fbf8b7dddaaed7167baf1b35b6e45a008f12b91e3a
SHA512

269ae6e86c70fcbf6ed9ef49ec599bea31abb7063b5659f2f91de213a38b40c61048d4770d16dc4c91b88827b1fd37ff0798f32d7495ca9a2567c1865e109e58
SSDEEP

6144:ITfdUAVG+UQ4mmRV4Qb0EZdYj6g9UVf1gbpzBaJAXDwz1HYsGj+KFTkqU55iY7Qn:uBR4RRfb0EZKWbWjj9Gqa5iY7QjD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23b57af0a00e4da327cdcc79c5b0512b

Files

23b57af0a00e4da327cdcc79c5b0512b
.sys windows:5 windows x86 arch:x86

d96855ac33b57e36e5fd46d130e3f351

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
MmMapLockedPages
MmUnmapIoSpace
MmMapIoSpace
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString

Sections

.text
Size: 512B - Virtual size: 429B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 256B - Virtual size: 250B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ