Static task
static1
General
Target: 1dc8ff9167e6bb224bf74d7a181224be
Size: 33KB
MD5: 1dc8ff9167e6bb224bf74d7a181224be
SHA1: d2a88a469fabab2f9b67a2cb538f84d9e5946638
SHA256: b9f74a3e18e3ac32b198dcc7a74c4bd43aa0ee3a86fc8e3e1eb31d3c4f75f8c0
SHA512: d9884d05d90b6fc705933064d79df472f69827e31ec007aac9f964420d3331dabfa3bf4c81d079d1bac373b091d0d9f0f30dd809b2f3ff9b61153d7036d2b913
SSDEEP: 768:0HfgLHNjLzzbeTE83ujr83hMieYcCmKMUG:0/gDNjTb+ujr8xMCmT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1dc8ff9167e6bb224bf74d7a181224be
Files
1dc8ff9167e6bb224bf74d7a181224be.sys windows:5 windows x86 arch:x86
255166120636f8d841ad5ab089a6b65b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
MmGetSystemRoutineAddress
RtlInitUnicodeString
ExAllocatePoolWithTag
ExFreePoolWithTag
Sections
.text Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 170B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 30B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ