Static task
static1
General
Target: SecuriteInfo.com.Trojan.TR.Dropper.Gen.13342.19149.exe
Size: 346KB
MD5: e26159f3d33e0a7e087881e92b9959af
SHA1: 33c2dd43cc789069948a19237cc7708ac5586524
SHA256: 4aa9e283503100fe94c6516eca4ee0e3f7293a82f782412dfaca3409959d15d9
SHA512: 4a19cf8282461d491e1ebdeff4f554dcfefaecd47e08c3c78022ffa6399b5e4491c0142611e6a6687d739a8e685346aee8bb67e1c3052a26a837581626ff187d
SSDEEP: 6144:qwjZBZHzhRvCCM5wBvbuV523wq6txm1XtCBofHBy4LzYfw1UF:hjZ7vLMKVZwHK1XQCfHByo+weF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Trojan.TR.Dropper.Gen.13342.19149.exe
Files
SecuriteInfo.com.Trojan.TR.Dropper.Gen.13342.19149.exe.sys windows:5 windows x86 arch:x86
eedca3cd4d5f133b3c1ec5535d19ee00
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
RtlInitUnicodeString
ZwOpenKey
ZwSetValueKey
Sections
.rdata Size: 128B - Virtual size: 109B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 246B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ