Static task
static1
General
Target
002f333ce48def141577a3aaf4f7e0ce
Size
31KB
MD5
002f333ce48def141577a3aaf4f7e0ce
SHA1
a80cbf8d2cfc8f257b2e56f3e20d5b6cd8629404
SHA256
e4c7e171400380d49a94195f234f3c3946d90584fe160113922fbe566ab8a1b8
SHA512
ac19aa37f114807c8521969bc814295661cb63b6e39f56867985ab414765a9ecc2843ecf9145edba592d31d62aa96ddd622979d8286f258bb794f13b6217d822
SSDEEP
768:8lsIJUFzU9W5WLG16I4LVKbwXIegem4/q4XJkuY:8uI4zU9dLG1OLzgez5tY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 002f333ce48def141577a3aaf4f7e0ce
Files
002f333ce48def141577a3aaf4f7e0ce.sys windows:4 windows x86 arch:x86
3b3467fbb87dd15ec103e60725d2bf53
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
DbgPrint
RtlImageNtHeader
FsRtlLookupLastLargeMcbEntry
IoGetDriverObjectExtension
IoAllocateAdapterChannel
ExFreePool
RtlUpcaseUnicodeToOemN
FsRtlNumberOfRunsInMcb
ExInterlockedPopEntrySList
ExRaiseAccessViolation
SePrivilegeCheck
PoSetPowerState
IoThreadToProcess
ZwDeviceIoControlFile
RtlCreateSecurityDescriptor
SeDeassignSecurity
RtlAnsiStringToUnicodeString
RtlInitString
ExAllocatePool
KeInsertQueueDpc
DbgLoadImageSymbols
RtlFreeUnicodeString
NtLockFile
ZwLoadKey
RtlCompareUnicodeString
KeInitializeApc
strcmp
ZwOpenFile
KeQuerySystemTime
strcpy
RtlInsertElementGenericTableFull
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1024B - Virtual size: 663B
IMAGE_SCN_MEM_READ
.rsrc Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 42B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ