0a521092ba58491cab3a6d145a45d7c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a521092ba58491cab3a6d145a45d7c5
Size

26KB
MD5

0a521092ba58491cab3a6d145a45d7c5
SHA1

416e39e866607ed2912fab363a65db4bddb18d47
SHA256

1badae11cbaf8aca2ec5aec9f3f43ac1c19ab54f43fe2447d24b69247e500027
SHA512

417ffe226b8d94d1143bbc02060ecaec8a1749f2dc3b0ee29f22ae8bcb73607e8be0227e0972abc924979bd12a002532963b4b65bd1c6e6e9c4941805c1bab51
SSDEEP

768:mm2fU7c1rYC7mrSg56kl57c7nXupwRnQM1E0rh:9tI1rYwmrwQ5qXupAy0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a521092ba58491cab3a6d145a45d7c5

Files

0a521092ba58491cab3a6d145a45d7c5
.sys windows:1 windows x86 arch:x86

228269738334c5f2fd52f287ecc7bc84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
MmGetSystemRoutineAddress

Sections

.edata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 883B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE