75f57c78cdae95f72c2fb7bbbd8d5df5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75f57c78cdae95f72c2fb7bbbd8d5df5
Size

3KB
MD5

75f57c78cdae95f72c2fb7bbbd8d5df5
SHA1

70f4e62fd1268699592fbbfada99d9766cab9156
SHA256

f1214f06ad43cd383f9e1c1198e085fcdeac41ba873c826c39e31f2c1b7ffbfa
SHA512

e98da015bef551151cf62b92ad4eaa495107da8aae16217f352984add81cdf4ab156f5dff3ebfefd2f1ca7139c137b40968c0dad14188e41a6b3675199b850ae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75f57c78cdae95f72c2fb7bbbd8d5df5

Files

75f57c78cdae95f72c2fb7bbbd8d5df5
.sys windows:5 windows x86 arch:x86

41eeb02f454ff16b6527676a473c3161

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwCreateFile
RtlInitUnicodeString
ZwReadFile
ZwWriteFile
ZwClose
ZwQueryValueKey
ZwOpenKey
memmove

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 256B - Virtual size: 208B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ