Static task
static1
General
-
Target
32b0ba9c43cfdce2715d669c53efb150
-
Size
8KB
-
MD5
32b0ba9c43cfdce2715d669c53efb150
-
SHA1
d677c269e16c614e9a14919df73179a09eb64da1
-
SHA256
54ef02e8688a518803dad04b9fd259f723b9132fbf465ce4976f9a196dbedd5f
-
SHA512
0514a985c02e63bac9a01937f4fc947281f1f96554cae2eff27b767186281d9f23234c4839043092006ba8d08047f3f9b03937eea4c9f2c5abe06804978901ee
-
SSDEEP
192:DGPYEIYVwSFSSX2QqOeFWGWSnEszh4tnIu3UO+GkUvuOLLL2lXVFfjtY:DGPYEpSQtvGWSEsi+lu
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 32b0ba9c43cfdce2715d669c53efb150
Files
-
32b0ba9c43cfdce2715d669c53efb150.sys windows:4 windows x86 arch:x86
694756f952ec45c76cb3c11f2d22aee1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ndis.sys
NdisGetCurrentSystemTime
NdisRegisterProtocol
ntoskrnl.exe
IoCreateDevice
IoCreateSymbolicLink
IofCompleteRequest
KeServiceDescriptorTable
MmIsAddressValid
IoGetCurrentProcess
ObDereferenceObject
IoGetDeviceObjectPointer
IoCreateFile
IofCallDriver
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 192B - Virtual size: 192B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 592B - Virtual size: 584B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 736B - Virtual size: 726B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ