4f27f7bc495c7f8a4846795439e75411 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f27f7bc495c7f8a4846795439e75411
Size

3KB
MD5

4f27f7bc495c7f8a4846795439e75411
SHA1

99aed39de80230d371670636aa56cee03c2c2240
SHA256

895f077c70b38241ebd06b69c92c4c2cae0646e77cabefc38ab3a5e9162f8e22
SHA512

714713b5ba9ea632137aa0f8bbd29847d8fda6fc3375eb2c23b7c5d1c1b2cfa6ce9c8b8442bedb46db0b047a7457573ed79b60675b87a085f2a9ac60001ca9b3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f27f7bc495c7f8a4846795439e75411

Files

4f27f7bc495c7f8a4846795439e75411
.sys windows:5 windows x86 arch:x86

77fcc78af53f9ae16078a753cbac0775

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
ProbeForRead
DbgPrint
KeServiceDescriptorTable
_except_handler3
IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
IoCreateSymbolicLink
IoCreateDevice

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 384B - Virtual size: 304B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ