Static task
static1
General
-
Target
0c6efa13517c208d6faf470090b20417
-
Size
31KB
-
MD5
0c6efa13517c208d6faf470090b20417
-
SHA1
47bcf57e8cd4b8112b2bafa77fc361297fb255eb
-
SHA256
26a4b124fe196ceb08f1c1bf74b6ffa49d86287941a7257c1174ee95f10219d2
-
SHA512
ceaf7271df66d07549219a2dd0c3e41da9046ca2ec825d5ebd9d7458be1338b7c695f5b677aa137bec3e758d7318043f4356689fa92d352dcd7e5bc844f322bd
-
SSDEEP
384:sP9KZFbEg1TAbSw2csQGoja2de++mlHkcq0y7oAY6rueoZ:1FYgdAbAcsQRa2de3d0Fcueo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0c6efa13517c208d6faf470090b20417
Files
-
0c6efa13517c208d6faf470090b20417.sys windows:5 windows x86 arch:x86
cf3342af242ad04f24a78e2457f50966
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
MmGetSystemRoutineAddress
RtlInitUnicodeString
KeTickCount
wcslen
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 219B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 384B - Virtual size: 300B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 226B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 384B - Virtual size: 262B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ