Static task
static1
General
-
Target
20c7b45923db468e87bffb4054c9ca82
-
Size
113KB
-
MD5
20c7b45923db468e87bffb4054c9ca82
-
SHA1
907ef16d25950a1c8808fa9af09162f9344714af
-
SHA256
08940fe64e82c8e3ba54e375fb32ff1fbe704478b332cc4f4188e1c0170e65ce
-
SHA512
f4aa2ad895f2c26bb58c5ce3155ea1034d204a4d8ed44c3fa341131553a24978910038c292603bd1a8422a460357bf161d16b8f6148ea00d4069705e46164f21
-
SSDEEP
1536:chzzEQEyse+yM2lfhCUYwV+7pBPDGNO8zT+5IFVlwpQpm843az6FZAeWPLF:cSQdsryM2m3PyNxTMIF6BagsJ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 20c7b45923db468e87bffb4054c9ca82
Files
-
20c7b45923db468e87bffb4054c9ca82.sys windows:4 windows x86 arch:x86
641da610618d4ccccb213a94cf5bfe3b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
strncmp
strncpy
strstr
_except_handler3
ExFreePoolWithTag
ExAllocatePoolWithTag
ZwQuerySystemInformation
DbgPrint
RtlAnsiCharToUnicodeChar
KeBugCheckEx
Sections
.text Size: 93KB - Virtual size: 93KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ