Static task
static1
General
-
Target
55e99cfb832bf7984892d529a6343597
-
Size
31KB
-
MD5
55e99cfb832bf7984892d529a6343597
-
SHA1
648f8f89d7cd837783aee22bfaf506ce68ac89f1
-
SHA256
375e8092aea03d8cd9d64b16bd0c4055c8dd2ce198d0c1db31c8782a6d0ede2d
-
SHA512
e4555d405a2aaa21645d6dbe977955fb541ae76a895094354931440b6500f9d5f64e88111e82045dcd05065d7b3e58f724f95b0f90379a628b9efdcc0fa3b792
-
SSDEEP
384:EleN9cEoEJ1R1DLX8gZrKVm2kUIwDot8qU4zuCiR9lWoCvuBkr/rgPnTM8xV2Bm6:jiEPzR5r8gZuM2ZIwIbijMRgv1r
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 55e99cfb832bf7984892d529a6343597
Files
-
55e99cfb832bf7984892d529a6343597.sys windows:6 windows x86 arch:x86
b51d29b3530d25827573676942998e55
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
memcpy
ExFreePoolWithTag
ExAllocatePoolWithTag
ZwQuerySystemInformation
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 145B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 156B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 110B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ