Static task
static1
General
-
Target
54b92ec3215491ff2234f817a656e18e
-
Size
10KB
-
MD5
54b92ec3215491ff2234f817a656e18e
-
SHA1
f2e5feb5925baeb532a0a9db0e80c43c9626c894
-
SHA256
d5bae1c921db320a018dd1143946b00356c776345ff1fd259593f3f67c892f60
-
SHA512
d511c8351179ea4612787ad3f70222f1baae8854e9498d7f1d3057326d47c2c5ed67c6d05295089fabe71f518241ebf78ece437efc8cc0024df07104b30daa39
-
SSDEEP
192:k7hSrgqijXOwb4BUIFo9Y+Zl1RHXizrZUETijulTDPyxpaA:AhSrtUXOwXIMzZ3RHSXZUjuhK
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 54b92ec3215491ff2234f817a656e18e
Files
-
54b92ec3215491ff2234f817a656e18e.sys windows:4 windows x86 arch:x86
84af902e38e6201757edc31997965389
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ZwDeleteKey
ZwOpenFile
MmGetSystemRoutineAddress
hal
HalDisplayString
KeRaiseIrql
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ