22ae7d3f0ec802ffc42c3f7cc4d8f712 | Triage

Sharing

General

Target

22ae7d3f0ec802ffc42c3f7cc4d8f712
Size

2KB
MD5

22ae7d3f0ec802ffc42c3f7cc4d8f712
SHA1

b8a0909efd3dad3464703d744f537c0d38f6f4d9
SHA256

d9c9fbb33621d903d36e6281a9b1b313d5be20e5ba5d281141c3dad5fa1fe3ac
SHA512

7d89c54efcfcdfc1fd184ba3adba670e887dcb75001421b76c60676abc47981a90a87f723a354b5c8637e6bea89f953399ec03ba64a1b932fd6643a3ca610c66

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22ae7d3f0ec802ffc42c3f7cc4d8f712

Files

22ae7d3f0ec802ffc42c3f7cc4d8f712
.sys windows:5 windows x86 arch:x86

2d21688a64b414f3c2f76f8ca4c0b72d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
IoDeleteDevice
DbgPrint
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
_except_handler3

Sections

.text
Size: 640B - Virtual size: 636B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 324B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ