37e67ceec2d92ec8363e73f80a4e83ec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37e67ceec2d92ec8363e73f80a4e83ec
Size

2KB
MD5

37e67ceec2d92ec8363e73f80a4e83ec
SHA1

2811c3e3ab12e818565531949d976ce6f1560f44
SHA256

e51349e20c05ba8fcee0972614b5605ac6af74bfd8a223e096a6bab2e8464333
SHA512

c8c992046ecdac5c69e3ed6935351cf103ac2854e5c251db2cd8b6532e623ff7bd7dcf7e68a90be6528bc6e286bfe71a936a00b7d89e9ec7262219bb67a27b33

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e67ceec2d92ec8363e73f80a4e83ec

Files

37e67ceec2d92ec8363e73f80a4e83ec
.sys windows:5 windows x86 arch:x86

e9d4c2e3d2463f8a8d0e53fab8344e34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
DbgPrint
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 147B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 324B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ