Static task
static1
General
Target: 72dc2a41e58bc2725cbd6db47df73b58
Size: 9KB
MD5: 72dc2a41e58bc2725cbd6db47df73b58
SHA1: e23bc3ecf1fafa7feb9ca12187ddf9d2af2f9d37
SHA256: ac50ecba8f68896c9902000ef05bef0e4d8c9df59c5b62f4950a175e0ca7eed2
SHA512: c75a35f385f18c15c3d3617287747eb640b95bf1f21081741e050e1ef8cf794f59b26bab12f5d31db278feaf139d129f3ad4181a6396c219065caad0096f433b
SSDEEP: 192:sCgm8xjAtI1BuH5RM8t+d7kZPL5maXSDZFgORt+LMfmmL1TzC7Ny5:BgfxTBwgdsJ+IOvuINV8y
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 72dc2a41e58bc2725cbd6db47df73b58
Files
72dc2a41e58bc2725cbd6db47df73b58.sys windows:5 windows x86 arch:x86
20480d0457c44c30687aa5dbc8cbdb1f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
strncmp
IoGetCurrentProcess
RtlInitUnicodeString
ObQueryNameString
ObfDereferenceObject
ObReferenceObjectByHandle
RtlCompareUnicodeString
RtlFreeAnsiString
RtlCompareMemory
RtlUpperString
RtlUnicodeStringToAnsiString
RtlInitAnsiString
ZwEnumerateKey
ZwEnumerateValueKey
ZwQuerySystemInformation
ZwQueryDirectoryFile
atoi
RtlFreeUnicodeString
RtlQueryRegistryValues
IoDeleteDevice
IoDeleteSymbolicLink
PsLookupProcessByProcessId
ExAllocatePoolWithTag
ExFreePoolWithTag
ZwQueryKey
KeServiceDescriptorTable
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
MmGetSystemRoutineAddress
MmIsAddressValid
NtBuildNumber
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384B - Virtual size: 295B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 116B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 896B - Virtual size: 886B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 768B - Virtual size: 712B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ