7ba0c0ade719c58fa7c75fae5c40022b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7ba0c0ade719c58fa7c75fae5c40022b
Size

7KB
MD5

7ba0c0ade719c58fa7c75fae5c40022b
SHA1

5e4040bb51b84a955b0d40a48ca8769ed9d39101
SHA256

30f5ecff68922ec772f8904d611a90a2c38d37cf1788ede3243230dbbb26996f
SHA512

f9c67a4de62fb569747e92613b67de3ef1ec1793564c63e6d35ad6f05675ca9bd4f335e365f56792c62663f459a38f261a6253a0137f84c9cb926ee585f1b909
SSDEEP

96:wdCIfqfwhceufwhyhhSuhwihm2fAmfourSufuvh9fHOhenZt7pEf472drbzSnrt:2YSrzj4SMkng472drbur

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ba0c0ade719c58fa7c75fae5c40022b

Files

7ba0c0ade719c58fa7c75fae5c40022b
.sys windows:5 windows x86 arch:x86

6e634702e5c9a0186d86225da06bebef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\teste\Desktop\c0debank\Driver-Zip\objchk\i386\c0decash.pdb

Imports

ntoskrnl.exe

ZwCreateFile
IoRegisterBootDriverReinitialization
RtlAssert
ZwClose

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 152B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 256B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ