54ede2069c819ff2bcce2de4443df454 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54ede2069c819ff2bcce2de4443df454
Size

50KB
MD5

54ede2069c819ff2bcce2de4443df454
SHA1

314e3c10206c29dc888d2eba0f6d1c57113e8dbc
SHA256

2ce3ac3f894b9723a7b9996c4ca8ebd3632cd8699d91bc099a3693b08001e1dd
SHA512

b8d42c94b3ac24d833782b84219b4998ed4ef96a01fdf4184fa5066bc4d2d8785d28c648c5d21082953bf963d05be2203f79705ab0404f53cf1a1c001fe707e7
SSDEEP

768:wYWyRnEC3vIo7giwFwxAGZqzBe/rgg/XpA2wXERbSdCJajWBrxFm:wqrh6FwxAG4zBArPE0zJuWBVFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54ede2069c819ff2bcce2de4443df454

Files

54ede2069c819ff2bcce2de4443df454
.sys windows:4 windows x86 arch:x86

a6527c3f321b0e49755d02c5ce489fa2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

tcpip.sys

SetIPSecPtr
LookupRoute
IPFreeBuff

hal

HalProcessorIdle
KeRaiseIrql
KfLowerIrql

ntoskrnl.exe

IoPageRead
IoStopTimer
ZwClose

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.321
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.123oc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ