c:\sys\i386\Sys.pdb
Static task
static1
1 signatures
General
-
Target
7cc96880328fbf3a7919db261f609b53
-
Size
2KB
-
MD5
7cc96880328fbf3a7919db261f609b53
-
SHA1
d97e6ab2c89e785df4f43fc0b43fb802d6a86590
-
SHA256
dde6601d6d73c5df94870f5d5c88ff69a86be33d78a1f01e927360e306e03971
-
SHA512
f00d1f8ee2aff0434dfd931e55a190c00d7b97cdff489be512e0534f14d0b91a4fe14c8fdc6351dc5de2d4269f541a8955288ad28a3af5782cbcdc78b44ebc47
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7cc96880328fbf3a7919db261f609b53
Files
-
7cc96880328fbf3a7919db261f609b53.sys windows:5 windows x86 arch:x86
7589587d115b9dd6adce56a1bf9e9149
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForWrite
DbgPrint
ProbeForRead
_except_handler3
IoCreateUnprotectedSymbolicLink
IoCreateDevice
RtlInitUnicodeString
KeTickCount
Sections
.text Size: 640B - Virtual size: 608B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 512B - Virtual size: 428B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 110B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ