Static task
static1
General
-
Target
461472e42ac2d04fa77e1b23b9e173ae
-
Size
5KB
-
MD5
461472e42ac2d04fa77e1b23b9e173ae
-
SHA1
71489fd925b4cb8bd8f9ed070e1d81e9420f48ba
-
SHA256
2184837e8ebb83ad9aa77b70978a41456715ab15b00abcd17731e3680b45ffb2
-
SHA512
ee6341dc3a6269156eafa576967d3aed0cb862eb8f202f412a5d9abcd6be43e2f274f80891011b53e84a28f67438265374b47d745c4964f05e1b5605e29ea67e
-
SSDEEP
96:9xjjzTO3fOP3eCuoz4ZVJ10cB4gRLaqJ+rzSL1zZx6ipKKYLpBDXeTg8O5TygLxl:9GmP3xuo83f06DLaPu1zZx6ipKKYLTDR
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 461472e42ac2d04fa77e1b23b9e173ae
Files
-
461472e42ac2d04fa77e1b23b9e173ae.sys windows:4 windows x86 arch:x86
d05470f05a8f176d7e3d0b0eb396aeda
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
MmIsAddressValid
MmSystemRangeStart
KeServiceDescriptorTable
ndis.sys
NdisDeregisterProtocol
NdisRegisterProtocol
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64B - Virtual size: 47B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 352B - Virtual size: 324B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 232B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 448B - Virtual size: 434B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ