11b8d83c6ef5a9ca8c80b69779c6066b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11b8d83c6ef5a9ca8c80b69779c6066b
Size

26KB
MD5

11b8d83c6ef5a9ca8c80b69779c6066b
SHA1

6f63ff545b125c99d0464ebd8994c4796b520493
SHA256

fef720c2f771de60eb2972a22df6a004a941efd037e226266b808208ff6f475a
SHA512

e0c88c4a6da2ffec1c2534924fe49daee6d052ede16ba837db8cc73172e3b09c87008534d740064d5232896f97c022dd0f7c1150fa7d1a7ff8b39ce6dc982c4b
SSDEEP

384:6sCNALidcP2u83YXreOg61ygbm0A1m4B5TrabSXSHYhvISSd:6hYidM24D1VL4H44VS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11b8d83c6ef5a9ca8c80b69779c6066b

Files

11b8d83c6ef5a9ca8c80b69779c6066b
.sys windows:1 windows x86 arch:x86

228269738334c5f2fd52f287ecc7bc84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
MmGetSystemRoutineAddress

Sections

.edata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 883B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE