5a264af2c1ddfa3fc384bf0974fedaf4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a264af2c1ddfa3fc384bf0974fedaf4
Size

1KB
MD5

5a264af2c1ddfa3fc384bf0974fedaf4
SHA1

f934992c1e3ac2b6015932d4b53bd570a65551cf
SHA256

3210e8b43d548bb1c89d383f042d8d5e5dd8397d6b1191c87d3417672587f617
SHA512

b676706fa7a5f7b5f9c5aeb33806bffd7817c0dee116656e28931028a2b3c2e48a933411a5fd72de05c80bab5d534117693c9574fdba2718af3e05ae8c6a9c8f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a264af2c1ddfa3fc384bf0974fedaf4

Files

5a264af2c1ddfa3fc384bf0974fedaf4
.sys windows:5 windows x86 arch:x86

a94f8faa78b398502ce6c362bc6011e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwClose
ZwTerminateProcess
ZwOpenProcess
ZwQuerySystemInformation
ExAllocatePoolWithTag
ExFreePoolWithTag

Sections

.rdata
Size: 256B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 128B - Virtual size: 3B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 640B - Virtual size: 618B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ