Static task
static1
General
-
Target
26d6e1009956d97dac8096c2826a4783
-
Size
6KB
-
MD5
26d6e1009956d97dac8096c2826a4783
-
SHA1
0688f9be1d23a2a58564d72e8cca5a90139b9426
-
SHA256
e1f09595483fa7846e46c391f67bc652886e088939d940be6338cfe288d85f88
-
SHA512
2bab88e41b10c3bea45a3d00de8994ed664fe4cda8e2072679491d569939423a7073b8e7e244a7e1958915113aa7eeaf5edfc4c95c0f43edab220b95934521ac
-
SSDEEP
48:qtaR72FEiMS6rvwjh2JWfHfX+lEg82Qfbv0kdSj4Qko0z6GSp+Wf+WHIV90J0lFz:bRxi7NPfXmN2T0AVQDY60/9zlXfu6s4
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 26d6e1009956d97dac8096c2826a4783
Files
-
26d6e1009956d97dac8096c2826a4783.sys windows:6 windows x86 arch:x86
babbe9833552aff91637f600dff270c6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwQuerySystemInformation
ExFreePoolWithTag
IofCompleteRequest
DbgPrint
ExAllocatePoolWithTag
ObReferenceObjectByName
IoDriverObjectType
RtlInitUnicodeString
KeTickCount
isupper
RtlAssert
tolower
hal
KfLowerIrql
KeRaiseIrqlToDpcLevel
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 169B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 238B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ