Static task
static1
General
-
Target
667480baa3cca8cee1fb10b7432d4991
-
Size
3KB
-
MD5
667480baa3cca8cee1fb10b7432d4991
-
SHA1
7f95c60aa5406c9be56c3381b4087d4eec93ce02
-
SHA256
5949477bf6693dc5f03f454a6320356ec1f21d61e9cf30951bde00b60947f581
-
SHA512
eb52ae98e2b6e1de823b9350a0b8f70abf2122a0995e12ed75eada613f6c9eaabe068755f0eee7f551cb3aaf52510a97fec522ea452dbd7462769e3ace6cc6bc
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 667480baa3cca8cee1fb10b7432d4991
Files
-
667480baa3cca8cee1fb10b7432d4991.sys windows:5 windows x86 arch:x86
1e484aa476e511cfea3b69315ca5ad42
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCompleteRequest
DbgPrint
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
ProbeForRead
_except_handler3
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
KeTickCount
Sections
.text Size: 640B - Virtual size: 592B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 384B - Virtual size: 260B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 512B - Virtual size: 418B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 128B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 512B - Virtual size: 511B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE