Static task
static1
General
Target: 06094bb61e5138f99abd0b3a55df1c38
Size: 26KB
MD5: 06094bb61e5138f99abd0b3a55df1c38
SHA1: 4a2686cd831ee54640d3f5b5b84937ae8ba6b23c
SHA256: be75336bb49be4e5e149297220f13e91d0275badee4b8ebbacb643f5ef505cec
SHA512: 831e95537b03db5bb1f8f3bd6875989c71b2e31a874ac4f27f7d6f34a535f36387204f9703f25b4818c2e4b575393464eaf20369c6084548c5beb8b3706f1022
SSDEEP: 384:2DR1XAWUwwfU6iIrwCf03F77xh/8Q6HIPIVe7dPRQmMA5yDWAddlSqd6NZBwlda+:yRQLMh/8QWTkZS/DTdrLENZGsFmKu8G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 06094bb61e5138f99abd0b3a55df1c38
Files
06094bb61e5138f99abd0b3a55df1c38.sys windows:5 windows x86 arch:x86
37aa4d10a94362f709ca2aee235c5d20
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwClose
ZwDeleteValueKey
RtlInitUnicodeString
KeDelayExecutionThread
_except_handler3
PsCreateSystemThread
ZwQueryValueKey
ZwOpenKey
ZwCreateFile
IoRegisterDriverReinitialization
_strnicmp
wcsncmp
wcslen
towlower
ExFreePool
ZwWriteFile
ZwSetInformationFile
ZwReadFile
ExAllocatePoolWithTag
ZwQueryInformationFile
wcscpy
ZwEnumerateKey
wcscat
strncmp
IoGetCurrentProcess
PsGetVersion
strncpy
ObfDereferenceObject
ObQueryNameString
ObReferenceObjectByHandle
RtlCompareUnicodeString
ExGetPreviousMode
KeServiceDescriptorTable
ZwSetValueKey
wcsstr
_wcsnicmp
RtlTimeToTimeFields
ExSystemTimeToLocalTime
KeQuerySystemTime
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
IofCompleteRequest
Sections
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 832B - Virtual size: 808B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ