4f1d61014fb7d559ea1e45c85d54a690 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f1d61014fb7d559ea1e45c85d54a690
Size

73KB
MD5

4f1d61014fb7d559ea1e45c85d54a690
SHA1

ca8d90412f43ef9e7317cc8dff4d41d057a47f90
SHA256

e5363015ade045f9cd08f50f6e8d9bf52f44dd04b128a66969bdb13b3031f2de
SHA512

ff490ee9289643ed87421ce948db578556831f8d997e9682221469d8a436d59acde64c87bbe3967279e4980b5eea1b0ac18fc6854df59bdf2debbcd3b724f2c4
SSDEEP

1536:4mN7mn/PgpHU+BM3yKoun/1JscSfk/51+QjIY4yFuv+t1v:4mSPgfBM3Qk9JVSfoMQ14yFG+t1v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f1d61014fb7d559ea1e45c85d54a690

Files

4f1d61014fb7d559ea1e45c85d54a690
.sys windows:4 windows x86 arch:x86

9b05f39f1f88ccc0836ceb58d43333c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlVerifyVersionInfo
RtlAppendUnicodeToString
InterlockedExchangeAdd
RtlEqualUnicodeString
RtlCompareMemory
KeQuerySystemTime
IoWMIWriteEvent

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ