Static task
static1
General
Target
11589bf5eaff230a6928a7cc2de389be
Size
30KB
MD5
11589bf5eaff230a6928a7cc2de389be
SHA1
9fc00dc5ed99406291a2bb244e1e3312a9a7d438
SHA256
ce0d4420f84cd981ce831acbf566e9b75b59d10bec7702c6e3d8edf896a409af
SHA512
235e6e0f6a6cc17f0992ebc21cc45e1ec120a24d2f3f2d15b5c3c69f3523973a83477cae50880fe2688b56cd592c6c2998b6ca81df56cd8acc55fcd41ee77b14
SSDEEP
384:TFcXSOwydyVCizMK7MEiZt8U/g9agCi1apw/vQaSh/QOzXcsMyllNvr4X4Kd6RDj:8VgM3Lv0x4+/sh3zNlJ4X4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 11589bf5eaff230a6928a7cc2de389be
Files
11589bf5eaff230a6928a7cc2de389be.sys windows:6 windows x86 arch:x86
fd056cefb51e16931d199a85a9f02eec
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
memcpy
strcmp
ExFreePoolWithTag
ExAllocatePoolWithTag
ZwQuerySystemInformation
memset
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 145B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 184B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 124B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ