Static task
static1
General
-
Target
3cefb87d89cbc072f875b0bd20df326d
-
Size
21KB
-
MD5
3cefb87d89cbc072f875b0bd20df326d
-
SHA1
7acd44e047dee3795d7334d6d99a71a287f30034
-
SHA256
6001dc317ff3b4548573dc4585310ba8fda015365341e11387b7f58066028b30
-
SHA512
38ab493cda757471cec5725c30902697ba1f4b8914335b887edf286ff875a1e3f9df88a012b0872c33e877894ea8f124c08e8f904147692aaa9663d28e0ab2a3
-
SSDEEP
384:P1emxCkwqhDoIYcKjnb1hu9MfQj34xL0ph5O+vPKbOvc:P1fRwquI/Kjnb1aOU4xL0Y+0Ovc
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3cefb87d89cbc072f875b0bd20df326d
Files
-
3cefb87d89cbc072f875b0bd20df326d.sys windows:5 windows x86 arch:x86
58312395bcfb1f9ec09119eca4f886b5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
MmGetSystemRoutineAddress
RtlInitUnicodeString
ExRaiseStatus
ExAllocatePoolWithTag
_except_handler3
ExFreePoolWithTag
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 44B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 214B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ