2f2a825b3f6f822494267c6b723d9961 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f2a825b3f6f822494267c6b723d9961
Size

68KB
MD5

2f2a825b3f6f822494267c6b723d9961
SHA1

1f86609506aceedcab5fd2bdc8795d830f994350
SHA256

7dfc6a3dfd9cb4dbeaa5ab6e7d54b81dec0c360c8aa82ebf12ccbe69420d9ed7
SHA512

301b6a0004dc2d3704c9756ff69c08cd8914c655790ebf41cba454a4f34861a3786b3eae4a52e6752c9baed9647402e5dad76cdfcc6bc75e5bdd118d1b7a3cef
SSDEEP

1536:X7KcHdeiO/P18J8g85EjCm3gitwrxHpobil:LKqTEt70emwi637

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f2a825b3f6f822494267c6b723d9961

Files

2f2a825b3f6f822494267c6b723d9961
.sys windows:5 windows x86 arch:x86

12cfecc6c06119774bbc18175564d896

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

memset
IoFreeWorkItem

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 128B - Virtual size: 94B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ