4fa410919aa432b05a15a1f780227838 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4fa410919aa432b05a15a1f780227838
Size

5KB
MD5

4fa410919aa432b05a15a1f780227838
SHA1

6d41406e15ce366334b2699b9a75bc18127b59e6
SHA256

9ddbf8adf427d724c6e248dff3773690291d159f58cdef42f73b9a5eaf5fd386
SHA512

5408038b992338b559e7b86282b61d33e436fb40a77ab3dc24dc6833e1e171b562841c91804281963bf4a2110c62acfc9ed95355a449aecce174473a9be2360f
SSDEEP

96:VWmC+GqmkMOkeYAf0JArZ3fWU4dt3jbm8ysXk1HKIigqHAlUovJjkOT18S9I6j:kaakyA5pWU4f3esIbflHJFpL9I6j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4fa410919aa432b05a15a1f780227838

Files

4fa410919aa432b05a15a1f780227838
.sys windows:4 windows x86 arch:x86

c646350bf00d1a392fbafe56206af0c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ExAllocatePool
KdEnableDebugger

Sections

init
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 128B - Virtual size: 104B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64B - Virtual size: 46B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ