Static task
static1
General
-
Target
1da6045c74e1ac66e1d8bbf344705f3c
-
Size
13KB
-
MD5
1da6045c74e1ac66e1d8bbf344705f3c
-
SHA1
8a28995ee8669fc63e4b8d21810bf15f9b85ab98
-
SHA256
083cf047ac51b341deb58db344a355a968244df144a1beda6a25c0ddf1aa7ecb
-
SHA512
e2571c308a472b727e551259a0b410f99d91f1963210b2a646ed243f4e14e93734772c86e021a16391de0a15691e49554fc39f6b6f0349a80654b97b6c72d3f3
-
SSDEEP
96:e7P+EsnUQ6bVkaGRsC4+TfyNcML+A/Vayb+y9taHzdqmAbKpNsBOJmzzZLi5osL3:mPVsnUQdstEgiUbKp2BLsxL
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1da6045c74e1ac66e1d8bbf344705f3c
Files
-
1da6045c74e1ac66e1d8bbf344705f3c.sys windows:5 windows x86 arch:x86
4edfd276e71f47012f7caa2851028913
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCompleteRequest
ZwDeleteFile
RtlInitUnicodeString
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 114B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 132B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 384B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ