191753f638c19e2f3607a53715c6b364 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

191753f638c19e2f3607a53715c6b364
Size

43KB
MD5

191753f638c19e2f3607a53715c6b364
SHA1

7f2f59be6780430935212e0aa06e2cd47c235f87
SHA256

27d4b3f64935689888ea5887ca2009d3cfe8bb76a36ed2eed8e1212002cd3f37
SHA512

e38074222c68e8b3d16757aa10e7d0a2b54f8248b13a4e1e64e3579825c0bf42e0bebec02adccb591961174a4f76f8cb3d67fac746a8334b5fc951fd0131bce7
SSDEEP

384:egW7Qp5f1uktfJ4jEJKQbO7kQR/AcXDMAdWdR:MS5f1uktfJq9O2AUwR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
191753f638c19e2f3607a53715c6b364

Files

191753f638c19e2f3607a53715c6b364
.sys windows:4 windows x86 arch:x86

c406d65432bba5ae7ac17f664bf43ce9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hal

HalMakeBeep
IoMapTransfer

ntoskrnl.exe

RtlInsertUnicodePrefix
PsSetLoadImageNotifyRoutine
FsRtlLegalAnsiCharacterArray

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 128B - Virtual size: 128B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ