3f65bf4acb73545e8e853677c37c6a8d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f65bf4acb73545e8e853677c37c6a8d
Size

6KB
MD5

3f65bf4acb73545e8e853677c37c6a8d
SHA1

299dee51d7c8f219fbaeae7a2a02dd8c071a4eff
SHA256

9c726f2c6430eae2dff33dc1e41f915df2469c9e711fad5607142a57cb920683
SHA512

0c5786d04bb125ca8987993a8a4f6838c9426de33a24505ac390ba1e8af165a31bddc2f2cc8c9aabfbd1aa8559fd7a02a16cfa0321d4bd4dbc4d0c58abcc96f2
SSDEEP

192:nyFcG+pLox02CFy0WLlaIfhmWVmz5hLWlw:ny2GOQvUymV9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f65bf4acb73545e8e853677c37c6a8d

Files

3f65bf4acb73545e8e853677c37c6a8d
.sys windows:4 windows x86 arch:x86

c646350bf00d1a392fbafe56206af0c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePool
KdEnableDebugger

Sections

.rdata
Size: 32B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64B - Virtual size: 46B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ