Static task
static1
General
-
Target
51b38a2ee5329d4cfe93780e74b7849e
-
Size
8KB
-
MD5
51b38a2ee5329d4cfe93780e74b7849e
-
SHA1
ce13c0c11d375945c270078156fcd601402850ca
-
SHA256
e0a3457c9c35cf3b736dc464b87d52c1758efd72b88b7f428fb1e8055fb9ce65
-
SHA512
1dc7c636f46f22976793989463c10f0c1bc75466503e7bacb5a2191de1fae687c971c689261783be7739573e9b2f966acc242a55f62e10cace7f7cdee8261929
-
SSDEEP
96:68EsCbVkNGBsSyUfcOszMBs86NAhy9AMYXBac33OYWIYPlKCJ3P:Ks6sOsWs8t49AMk85YWQm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 51b38a2ee5329d4cfe93780e74b7849e
Files
-
51b38a2ee5329d4cfe93780e74b7849e.sys windows:5 windows x86 arch:x86
839504a3b3e7f0c6f906b22a2933a8e3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCompleteRequest
ZwDeleteFile
KeTickCount
RtlInitUnicodeString
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 133B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 226B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 164B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ