Static task
static1
General
-
Target
03166fa0f6e8fc91e32ed84075490187
-
Size
3KB
-
MD5
03166fa0f6e8fc91e32ed84075490187
-
SHA1
5c20ec3c8c901bf87499d59acd2c778afb0a5991
-
SHA256
d0d6c104089b63a744fdda7d33d04bcf8bee01f66095f7503179fdde4cc7f180
-
SHA512
53984d757b41993b2d9561077a03012b6d3693ab739630c475e20f428b1377467a9d71073955fdbde86775182aaab0e0b13b321d7b17103fb7ab88afe0af564c
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 03166fa0f6e8fc91e32ed84075490187
Files
-
03166fa0f6e8fc91e32ed84075490187.sys windows:5 windows x86 arch:x86
4edfd276e71f47012f7caa2851028913
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCompleteRequest
ZwDeleteFile
RtlInitUnicodeString
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 102B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 132B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 50B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ