5374da93368459ee71f0ed1aa1be97b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5374da93368459ee71f0ed1aa1be97b9
Size

2KB
MD5

5374da93368459ee71f0ed1aa1be97b9
SHA1

40f026d7eb7d407eed5e0a108f7f59739bfeac12
SHA256

bf80aad38aba89637d703257a7d44c6ff43ce44ad148c62a59078bc536487996
SHA512

a797b41a84173239bbcbb93982b8a533b4eab9e2e1fe62297e37e45c4b5982b8b8a5ece6b940bc3b162c4744ce0cacd8384dc75f88661b8741678835da0e3393

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5374da93368459ee71f0ed1aa1be97b9

Files

5374da93368459ee71f0ed1aa1be97b9
.sys windows:5 windows x86 arch:x86

3a1fe1a6c0f5e200602f093f681d9c1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwDeviceIoControlFile
IofCompleteRequest
KeServiceDescriptorTable

Sections

.text
Size: 768B - Virtual size: 657B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 256B - Virtual size: 144B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ