Static task
static1
General
Target
1d35c9973562c3e4174b95a6a795d4a1
Size
18KB
MD5
1d35c9973562c3e4174b95a6a795d4a1
SHA1
fe885e492249cdaccf8c748432a27d2937093bc2
SHA256
cac5922ad59341a29799c4eb07d197a78fac51819efb99f1b9b4022106de1260
SHA512
d25703de38325415743fdd89dcc13997c13bf3358562265adc6f58ef798fb07f49161e21af70bcb49fb8dff87db3328819c6e5621c9a743cff174c48d911805a
SSDEEP
96:ntDAHtwa1emthj9raonlALaBqRcwsDvdI0wR9jJHBU8a:5ANp1xthJaolAOlnvdI0wRz/a
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 1d35c9973562c3e4174b95a6a795d4a1
Files
1d35c9973562c3e4174b95a6a795d4a1.sys windows:5 windows x86 arch:x86
f0bdf5b0cb967325486d5d60da8ba9bf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwClose
ZwSetValueKey
wcslen
ZwOpenKey
RtlInitUnicodeString
mbstowcs
ZwReadFile
ZwQueryInformationFile
ZwCreateFile
wcscat
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 151B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGE Size: 128B - Virtual size: 3B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 238B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ