Static task
static1
General
Target
2be21523c77f75a13fc51a04e229cb2e
Size
21KB
MD5
2be21523c77f75a13fc51a04e229cb2e
SHA1
2849c9593bd4429250ee81c2f625de70d8eccf8d
SHA256
cfefe93c026bbafb249c43fcac7c06802036f91fce91d18dfa0e630712dd9d71
SHA512
e3b7fb46e0faa970a7aa76ba710b37313d47362286efbad0bcb195198b9799f6665494a62b749ea46d5a7356727d2e3b75d3fd9363495aeb07960ae8e4f079d3
SSDEEP
384:SAQsr9G99999999999999999999999999999999999999999999995w9X9999E91:SAQsr9G999999999999999999999999H
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 2be21523c77f75a13fc51a04e229cb2e
Files
2be21523c77f75a13fc51a04e229cb2e.sys windows:5 windows x86 arch:x86
671bb83d4a701a14edaf88add95de1b4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
RtlInitUnicodeString
MmProtectMdlSystemAddress
KeQuerySystemTime
_alldiv
MmGetSystemRoutineAddress
ExAllocatePoolWithTag
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 214B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 26B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ