24f09909ef313766220309c13da019d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24f09909ef313766220309c13da019d2
Size

1KB
MD5

24f09909ef313766220309c13da019d2
SHA1

23b4ee16378f7024c5279b748d0e305982ab76b0
SHA256

c6ee64cb4c7fa863331b1164d4d8c036f6d7856fbe2f19bdace7e3a5521983e0
SHA512

692a9071d03960f30e1412f52bb367e8e13781b643cd66d7554dbc2b730912d23970841632ac19c2fc27e244610b947fd00ddb5edb4a30baa169761ca322cffb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24f09909ef313766220309c13da019d2

Files

24f09909ef313766220309c13da019d2
.sys windows:4 windows x86 arch:x86

b68483fae148bbb5cf9f3ac6d5e15644

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwWriteFile
ZwReadFile
ZwQueryValueKey
ZwQueryInformationFile
ZwOpenKey
ZwOpenFile
ZwCreateFile
ZwClose
RtlZeroMemory
RtlInitUnicodeString
ExFreePool
ExAllocatePool

Sections

.text
Size: 672B - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 320B - Virtual size: 302B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ