Static task
static1
General
Target: 2953d519909b6f4a6ba16cfeb44bcf3b
Size: 37KB
MD5: 2953d519909b6f4a6ba16cfeb44bcf3b
SHA1: 60e596656139e89bffc800c2dac859066203a5a2
SHA256: bdd6dae5092deabcf7abbf04ec6d4ae2d776f5f30484fd99b6efb4371cd1fac2
SHA512: 375ad069e1c48b4e3062974e204a956098db66a9d436f556508812730b28d88ae223bd83b04d633b5d44f5069db6d36252ae163612a32336e4afa89c93033746
SSDEEP: 768:JL+nYQNUkq+1a+rEKc4RaEyFRqoeBwiS5jzl5Ozw0:RiYQNXJs+rr45bqNBt4l5Oc0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2953d519909b6f4a6ba16cfeb44bcf3b
Files
2953d519909b6f4a6ba16cfeb44bcf3b.sys windows:5 windows x86 arch:x86
e881d2be033ec5fbfb8151c6c94f4384
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
PsCreateSystemThread
memcpy
ZwCreateEvent
RtlInitUnicodeString
ZwFlushKey
RtlCompareUnicodeString
ExAllocatePoolWithTag
ExFreePool
Sections
.code Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384B - Virtual size: 280B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LDATA Size: 128B - Virtual size: 1B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 242B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 768B - Virtual size: 760B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 384B - Virtual size: 298B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ