8a51ba25ae5768ee38a2efa805d0dc93 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a51ba25ae5768ee38a2efa805d0dc93
Size

49KB
MD5

8a51ba25ae5768ee38a2efa805d0dc93
SHA1

12b7266c2ab7f50e6ef0e19a379f852e23f39f42
SHA256

cf240a5ebe1cddbd90f172fd82082f47eac70b123af9a1d2580a6b9f0657e74f
SHA512

171da30e6a2dead7fdd27a3fe628f43b49a9ce0e522d8b929ad92563cc7faf3ff4e2929291e733f998dc6c38008cce20468d5e775f3864a92798d05f05d16b7f
SSDEEP

768:6Rybdx5Gu0p8jKYLWsL+5xhBBjir4+nhPu/NaWO0bMoB1:6QdyVpINLWiKxhBmDno/wPO1r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a51ba25ae5768ee38a2efa805d0dc93

Files

8a51ba25ae5768ee38a2efa805d0dc93
.sys windows:4 windows x86 arch:x86

2fdabff33db571fdd0278d89e24717d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

usbport.sys

USBPORT_GetHciMn
USBPORT_RegisterUSBPortDriver

hal

KfLowerIrql
HalProcessorIdle
KeRaiseIrql

ntoskrnl.exe

ZwCreateFile
ZwTerminateProcess
isprint

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.myn
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tsuoc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ