Static task
static1
General
-
Target
05c1b9727646d1d0c7ceba605073fa46
-
Size
2KB
-
MD5
05c1b9727646d1d0c7ceba605073fa46
-
SHA1
d0fa2dae668a1b51310f1fbe51b1ce8d798a0bf1
-
SHA256
73fc1dcb4dd9c83c89137e4b024a31b37dcee373b1abab04c18d8856d094a57b
-
SHA512
e6bd416a05e44167b6607cc76d3df746f85bcabbd1b7f56936b2055dc274195733afd80a2053c2c36861163e881abccf19293a71a3fa757380274059bf7a39b0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 05c1b9727646d1d0c7ceba605073fa46
Files
-
05c1b9727646d1d0c7ceba605073fa46.sys windows:4 windows x86 arch:x86
b6d08cc1950cbb580ee9dc8873781b91
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IoGetDeviceObjectPointer
IoDriverObjectType
IoCallDriver
ObReferenceObjectByName
ObDereferenceObject
IoBuildDeviceIoControlRequest
ndis.sys
NdisRegisterProtocol
NdisDeregisterProtocol
Sections
.text Size: 896B - Virtual size: 890B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 160B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 320B - Virtual size: 320B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 64B - Virtual size: 38B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ