Static task
static1
General
-
Target
3de3e4f1b3936fadf1eac44320b7befd
-
Size
21KB
-
MD5
3de3e4f1b3936fadf1eac44320b7befd
-
SHA1
4eadca5f2973273db0d26f22e837b314aed25add
-
SHA256
79ed06fbe994602f632958c21265064df3ecea9f6b2584ce8da693885c448017
-
SHA512
2b484a5c81b403ffd712c7b1d3ab0fb726431587e7f40590492c0b684637d1325271692db2d4e5740ec0c714e92f30b72edf66fe87f23517ca68f1ec759177f9
-
SSDEEP
384:ZszP1C4uiYW8qm/W88d1yG5RCNUoZmIBjZ+9VftaKFoX8Cy:ZszP1rui0qxpgSRIUuyWKFWv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3de3e4f1b3936fadf1eac44320b7befd
Files
-
3de3e4f1b3936fadf1eac44320b7befd.sys windows:5 windows x86 arch:x86
b84017dfce0dd385723906fa2f1354e5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ExAllocatePoolWithTag
_aullshr
MmIsNonPagedSystemAddressValid
wcsstr
wcslen
MmGetSystemRoutineAddress
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 195B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 28B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ