Static task
static1
General
-
Target
55c2ae9c92fd49c1c625c099a89af970
-
Size
28KB
-
MD5
55c2ae9c92fd49c1c625c099a89af970
-
SHA1
4e8e210e1a5f5a8554b5ac1d0dea700f9d6d1ad6
-
SHA256
7ddff2ad0df92d186ea2e1e24bbf4c129d510116e7bad3b5447bb88bbfec7afb
-
SHA512
8b56e8cd456e24c2ed03ef42e7968ccced5f22954e0a9970cabb9c609b971bc13f1f1dbc3161b25188c148a60fd4fb0b7421a64f2d1d129a256dc770ba501d40
-
SSDEEP
768:tViK2dNK5TeH0ndvgARxHrZi2w4elrRW9giJi5UbWqDB:tuY5TeqFgAR9m44YhBJF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
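Checks for missing Authenticode signature. The file is a 32-bit kernel-mode driver (a .sys image whose listed imports all come from ntoskrnl.exe), and 32-bit Windows has historically not enforced kernel-mode driver signing the way 64-bit Windows does, so treat the missing signature as a weak indicator on its own and weigh it together with the hashes and import list in this report.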
resource 55c2ae9c92fd49c1c625c099a89af970
Files
-
55c2ae9c92fd49c1c625c099a89af970.sys windows:4 windows x86 arch:x86
17b494fa8ea2226ff0728cd8f0656da9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
wcscat
wcscpy
_itow
wcslen
_strnicmp
RtlInitUnicodeString
ZwClose
ZwOpenKey
swprintf
_stricmp
strncpy
_wcsnicmp
ObfDereferenceObject
RtlAnsiStringToUnicodeString
RtlCopyUnicodeString
IofCompleteRequest
strncmp
ExFreePool
_snprintf
ExAllocatePoolWithTag
_except_handler3
MmGetSystemRoutineAddress
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 896B - Virtual size: 870B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ