Static task
static1
General
-
Target
3db5a2f46808480298783814aead14ed
-
Size
6KB
-
MD5
3db5a2f46808480298783814aead14ed
-
SHA1
068e57ccfd670cff6a5801c5e85a94be5c5dd3e4
-
SHA256
fb9e31e34b2438685a6994e45905c7d0a9bf1435a247b27f6c382474c8d4e529
-
SHA512
1f0421aef34f22827df3349c6a247fb514c77a9df812452164b0f593a720fc63f5f39899e57599641d7cbecc208ddede62b1e87288ee031793a3dd4a40d4e701
-
SSDEEP
96:xBCpe2HfWgoWPk74om0nouIUjv3UyzJ0u+AP6oPBPwn7G7Yv1jkqj18SWHb:xBLAVR0LIkMU0XJoPB4SEdRZLWHb
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3db5a2f46808480298783814aead14ed
Files
-
3db5a2f46808480298783814aead14ed.sys windows:4 windows x86 arch:x86
c646350bf00d1a392fbafe56206af0c7
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ExAllocatePool
KdEnableDebugger
Sections
.rdata Size: 32B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 64B - Virtual size: 46B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ