Static task
static1
General
-
Target
25233f01be74e8dd2b38062030ed043e
-
Size
8KB
-
MD5
25233f01be74e8dd2b38062030ed043e
-
SHA1
1303d145b663de25ff6bc5781556b65d2569c249
-
SHA256
3dc2b61d3807271e1140051b9aa0df8836ddeca934c1fa8e9d45747c994f7ed8
-
SHA512
94b24a899e0605406bd9f54bd2850c58ee9c02aa268d45cc8840e191528e020593d68ea2d10a62490e7e3ac6642e13c958b3465522e38dc026ed05300f1f3852
-
SSDEEP
96:wRkTDlB22y5cjln89LNrT4bRW5RBx8EnWClNR9pGLdVCHMQ2fEnPHXkUIT:VFi6n89CO2o4LPVAHXkVT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 25233f01be74e8dd2b38062030ed043e
Files
-
25233f01be74e8dd2b38062030ed043e.sys windows:5 windows x86 arch:x86
3f136f183e8f0e58f027918af098a523
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCompleteRequest
KeServiceDescriptorTable
IoDeleteDevice
IoDeleteSymbolicLink
DbgPrint
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
KeTickCount
Sections
.text Size: 512B - Virtual size: 406B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 384B - Virtual size: 334B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 76B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ