Static task
static1
General
-
Target
18482cb4d8510f0ff5d2fc15dd212acc
-
Size
2KB
-
MD5
18482cb4d8510f0ff5d2fc15dd212acc
-
SHA1
a8b64a10ca238abf176f903b5166c087a0c9eb57
-
SHA256
28f2171f4493ea85d97bd1b4a52d8277a4a964b54538682dbb8a226bbb0aec08
-
SHA512
716282f2712a378e201a4a4a81f3c8b1325146a3188c77ae63db953bdcb38c4a98ccb37c4d001c304ca4a60ad7888475d3b47e27d82925568a61b463e517316e
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 18482cb4d8510f0ff5d2fc15dd212acc
Files
-
18482cb4d8510f0ff5d2fc15dd212acc.sys windows:5 windows x86 arch:x86
5ae8f84fe4ac06efef4c115c1d97240a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
IoFreeMdl
MmUnmapLockedPages
MmMapLockedPages
MmBuildMdlForNonPagedPool
MmCreateMdl
ZwQueryDirectoryFile
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
PsGetVersion
_except_handler3
Sections
.text Size: 768B - Virtual size: 702B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 174B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 512B - Virtual size: 472B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 110B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ