Static task
static1
General
Target: 1e87fdcee800f980d4e223e1d28eb3df
Size: 267KB
MD5: 1e87fdcee800f980d4e223e1d28eb3df
SHA1: e098fcfebd9d427011cd5ee345f3bdab3d489572
SHA256: bdbcc80fc8e2d76a337a6a2b35951a07e5076c5918061b13f15af68bbb823696
SHA512: 85a8651ed1b417fc653a551bae089c0cdc054ee12b9852e527009d93c257f892ae196d941c5ae53489b0c0460e4e0932b62e8eb61d659d839f67f033859dfd36
SSDEEP: 6144:OweEWX6p20sAFS5wLcpTDuvzOaTiASLk/Nj1h5ci:OXw2NAcpyXSG5c
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1e87fdcee800f980d4e223e1d28eb3df
Files
1e87fdcee800f980d4e223e1d28eb3df.sys windows:4 windows x86 arch:x86
3d59e351c287006bcfb5615fdfc51048
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCallDriver
ExInitializeResourceLite
ExDeleteResourceLite
ZwOpenKey
RtlDecompressBuffer
RtlInitUnicodeString
ZwCreateKey
ZwQueryValueKey
ExfInterlockedAddUlong
RtlAddAccessAllowedAce
RtlCreateAcl
RtlLengthSid
SeExports
ObReleaseObjectSecurity
SeSetSecurityDescriptorInfo
ExAllocatePoolWithTag
RtlLengthSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
ObGetObjectSecurity
IoDeleteDevice
ExDeleteNPagedLookasideList
IoQueueWorkItem
ZwNotifyChangeKey
MmPageEntireDriver
IoFreeWorkItem
ExInitializeNPagedLookasideList
IoAllocateWorkItem
IoCreateDevice
DbgBreakPoint
hal
KfAcquireSpinLock
KfReleaseSpinLock
Sections
.text Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.INIT Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 232B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ