0c176dd333c45a770965984fd34841f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c176dd333c45a770965984fd34841f0
Size

2KB
MD5

0c176dd333c45a770965984fd34841f0
SHA1

ecf560aa6b069bb7cd22362a4f11f5e699ac26e7
SHA256

77fe99e233992f8c0599c28bd2cff15a5408e51cff0c60300be24020e474d9c7
SHA512

19e299397cd8654eb678a0b0206a006870a21559aa1c333b08cc13c31a41dbfc32eaf67ce524d99b0fc849cec84a910fc934ec1c67a553639240dc37d6574ca0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c176dd333c45a770965984fd34841f0

Files

0c176dd333c45a770965984fd34841f0
.sys windows:6 windows x86 arch:x86

4d7ad4d6afe8c8df5bb808c741ca1df0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
IoDeleteSymbolicLink
IoGetCurrentProcess
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
NtBuildNumber
RtlInitUnicodeString
KeTickCount

Sections

.text
Size: 768B - Virtual size: 722B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 348B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 94B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ