69803139ebb7102758b3b85cb32f4796 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69803139ebb7102758b3b85cb32f4796
Size

2KB
MD5

69803139ebb7102758b3b85cb32f4796
SHA1

07d54e2e4e7eac2849e5fc493b27e13d0d56e171
SHA256

e64732270dc3550dbf09e4f254850e3895c9eafbca379a1107d6cfcc494e8592
SHA512

3057033e6098d2cd1d4ae1dc60fb16ef09d27437dff5dcbfedc797984d9f469729f1cf07d9d3d2801bd1e77428402e0c8dec29f7e49f736f2504e9c67b21ec73

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69803139ebb7102758b3b85cb32f4796

Files

69803139ebb7102758b3b85cb32f4796
.sys windows:5 windows x86 arch:x86

f6eb7db51c28b1d7733f5f5911841cea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
IoDeleteSymbolicLink
DbgPrint
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
_except_handler3

Sections

.text
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 256B - Virtual size: 252B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 70B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ