65ee7ba918716382b53cead83d944cee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65ee7ba918716382b53cead83d944cee
Size

992B
MD5

65ee7ba918716382b53cead83d944cee
SHA1

02b4cfb7ba9484132528b0b733fece7314a1c636
SHA256

3cb858da773d68df6a8e37cf8bd8db911e608250a93fe60775f6586f7144be1b
SHA512

bcac3212f5c757e9fba746d6bec97999dabebc1be806cb84e6ca979007469dfef6677f4cef2ad09dfca618ed723e549f4c6dc9b9922ead4cbd68129fec520bd2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65ee7ba918716382b53cead83d944cee

Files

65ee7ba918716382b53cead83d944cee
.sys windows:4 windows x86 arch:x86

27e9227e35a8dab837de78a50809630f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

PsInitialSystemProcess

Sections

.text
Size: 288B - Virtual size: 269B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 96B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 32B - Virtual size: 14B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ