Static task
static1
General
-
Target
3cd807d393dd88f5d22034718f8a8bad
-
Size
3KB
-
MD5
3cd807d393dd88f5d22034718f8a8bad
-
SHA1
36c92a6f523d7b318095c3814ae384a49216574e
-
SHA256
c6da2120dc5d9c9e41dbf57df5177ef2d9ba4b764a0213509f887241b0bf7e6c
-
SHA512
8d7ee1efafb9df27e5708c07de508c7e12a2b6fb108132766e167155a7300cac3f697f4ea7d20e4c9cca35b6ceeacc027e7e7c7ba4ac8f6d8091a30cc8112179
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3cd807d393dd88f5d22034718f8a8bad
Files
-
3cd807d393dd88f5d22034718f8a8bad.sys windows:5 windows x86 arch:x86
6efe84eb3feb20e22ad5e9613b0542a5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwClose
ZwSetValueKey
wcslen
ZwOpenKey
RtlInitUnicodeString
ZwReadFile
ZwQueryInformationFile
ZwCreateFile
Sections
.text Size: 896B - Virtual size: 812B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 151B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PAGE Size: 128B - Virtual size: 3B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 896B - Virtual size: 806B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 68B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ