Static task
static1
General
-
Target
2791ad7b357977f9b5a4e62b08764d22
-
Size
22KB
-
MD5
2791ad7b357977f9b5a4e62b08764d22
-
SHA1
c5d3460673f7b509d93408fba6a310bf7d51aa58
-
SHA256
060fa54e406f4231edc8fe64decdf779300f3429b121bd1fbd79798b993526a7
-
SHA512
a8e5b08e2892e5f660493e882fc0e7055187f26565477ed262bd1225cf1f04eb43d816380a51fc0c6ef238b490de85121a2f51133dbda84c8f27b3c33518c804
-
SSDEEP
384:Q2QbsxxjLPKDXMRYOG6VkQpnX41pH9FwHwYp:ZQbs3bKDXMRYlQkQ5oAwg
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2791ad7b357977f9b5a4e62b08764d22
Files
-
2791ad7b357977f9b5a4e62b08764d22.sys windows:5 windows x86 arch:x86
3d58b7f2a3ae6191e9286d377e793844
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
RtlInitUnicodeString
wcsncmp
SeOpenObjectAuditAlarm
MmGetSystemRoutineAddress
ExAllocatePoolWithTag
MmIsNonPagedSystemAddressValid
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 224B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ