Static task
static1
General
-
Target
49de67ed51c4540d5efa9ddfd2c3972f
-
Size
20KB
-
MD5
49de67ed51c4540d5efa9ddfd2c3972f
-
SHA1
46945fa168731dcfa058ac1a77a88ff03278e27a
-
SHA256
44da78cc31c7221689fcf74d1584888f61a24415ccb2d5f20f3e0ff077ef757f
-
SHA512
eb2a181dfca57349c746361065ac2b412e3ecd9bbc65d17b2639306c0675214705cd775c1dfec3cf1a2d6c04e5c97075b90c53152ecc050ab0ab2954f2808d2d
-
SSDEEP
384:enC9o5C6sqFWmJQmhQ1V03Ue/CyugTsJQEqS3qSCg6NpIbwp:eyo5CUFpJQmOa3Ue/jBYJQz7g6Np+g
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 49de67ed51c4540d5efa9ddfd2c3972f
Files
-
49de67ed51c4540d5efa9ddfd2c3972f.sys windows:5 windows x86 arch:x86
6bb11f1599a1ffbabaf4622053c97890
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ExAllocatePoolWithTag
RtlInitUnicodeString
ExFreePoolWithTag
MmGetSystemRoutineAddress
ExRaiseStatus
_except_handler3
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 214B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 204B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ