Static task
static1
General
-
Target
138f93627d6248d935d5d1d684bd4d07
-
Size
3KB
-
MD5
138f93627d6248d935d5d1d684bd4d07
-
SHA1
f3588014e6806944b7e30a933126e456953bc661
-
SHA256
3fb56726865e369f876d76d74fd1d317d8d1ab03c82c7166ef9a1e0883282301
-
SHA512
1b7be3457882cf6fcb4107293661e4be98a9ea67ae2d26e68649b41194623c5b6b9cad3aad1f66c9e1a522396d39b3f1f5eaaa8f19f7ba72944cb45f6c54dc2e
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 138f93627d6248d935d5d1d684bd4d07
Files
-
138f93627d6248d935d5d1d684bd4d07.sys windows:5 windows x86 arch:x86
20d2c196236771522aefaa12cf48714b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
KeServiceDescriptorTable
ZwQueryDirectoryFile
IoDeleteDevice
IoDeleteSymbolicLink
IofCompleteRequest
RtlFreeAnsiString
RtlCompareMemory
DbgPrint
RtlUpperString
RtlUnicodeStringToAnsiString
RtlInitUnicodeString
RtlInitAnsiString
ProbeForWrite
ProbeForRead
IoCreateSymbolicLink
IoCreateDevice
_except_handler3
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 193B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 408B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 512B - Virtual size: 482B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ