bbd5c7f5eea080a168e203c4a531705dca0c7be8457175cd0dfddf06f22d6ab9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbd5c7f5eea080a168e203c4a531705dca0c7be8457175cd0dfddf06f22d6ab9
Size

623KB
MD5

383e282509f6a06cfc1409443cfbe5c5
SHA1

8290a1095015e96544c48ddd5afdf1eef746317c
SHA256

bbd5c7f5eea080a168e203c4a531705dca0c7be8457175cd0dfddf06f22d6ab9
SHA512

3a9deb5685f22b85ae4b3f9e28d8ec4a6c8f6e77f44bce049dfa7449ca1d9b040ff5949dd606ab0a709c85c47c1dcd1861fb732be9cfa28f7b749af70d976752
SSDEEP

12288:jbCGadd+1aFx03iSFmc9wOY6Ckr2INJ9h4pTmTpqrTKf:j2Dd7Fx03iSguekqINXh4depoK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbd5c7f5eea080a168e203c4a531705dca0c7be8457175cd0dfddf06f22d6ab9

Files

bbd5c7f5eea080a168e203c4a531705dca0c7be8457175cd0dfddf06f22d6ab9
.sys windows:6 windows x64 arch:x64

2fcd1181a6f79bcb1be1340cc4823bad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

isdigit

Sections

.text
Size: 23KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 598KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ