71d8207ccf69bb2588c69135dd9330bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71d8207ccf69bb2588c69135dd9330bd
Size

1KB
MD5

71d8207ccf69bb2588c69135dd9330bd
SHA1

c721ec06069c6baf0fbe6738c2320a4b7945d4ad
SHA256

780da406a218c445f176ac07f50aa45dca310a02abfa080f0674df5c829513ca
SHA512

1425a15bfae1e56751a205077d1a96ca844fe015db4411712030a3305fa0ee2d147a67ba2c5795f7c735850d5cc2205fc7b4ed8f5dd174fb2aae4112afda04cf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d8207ccf69bb2588c69135dd9330bd

Files

71d8207ccf69bb2588c69135dd9330bd
.sys windows:5 windows x86 arch:x86

a94f8faa78b398502ce6c362bc6011e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwClose
ZwTerminateProcess
ZwOpenProcess
ZwQuerySystemInformation
ExAllocatePoolWithTag
ExFreePoolWithTag

Sections

.rdata
Size: 256B - Virtual size: 139B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 128B - Virtual size: 3B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ