Static task
static1
General
Target
0af15572c4a1b0fcc2b65bdbf0a68a72
Size
17KB
MD5
0af15572c4a1b0fcc2b65bdbf0a68a72
SHA1
39684648bf5373c99e70b67830fb7050be45a1ff
SHA256
e42cc0378496d2b7d3a20203d9bb7b4dd9fd2b8220c58bcc2645a72e3ceed074
SHA512
261680a071314da14bcdaa83a0823ec2a3d1994367a38bcffc6841bcb4f00b7f99546886aa224183bb34e11b2db45bed8f275eb994883f23a0e20326d88ffbcc
SSDEEP
96:RWotD+IYQ912uHL2oLe20on2IEwsbUroi4YgJ+8:/+TQ912uHLJLeZo2IBsAro/Jz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0af15572c4a1b0fcc2b65bdbf0a68a72
Files
0af15572c4a1b0fcc2b65bdbf0a68a72.sys windows:5 windows x86 arch:x86
f0bdf5b0cb967325486d5d60da8ba9bf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwClose
ZwSetValueKey
wcslen
ZwOpenKey
RtlInitUnicodeString
mbstowcs
ZwReadFile
ZwQueryInformationFile
ZwCreateFile
wcscat
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 151B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PAGE Size: 128B - Virtual size: 3B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 240B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ