Static task
static1
General
-
Target
8bdece682cf21b6ee581b51ac86f20e2
-
Size
24KB
-
MD5
8bdece682cf21b6ee581b51ac86f20e2
-
SHA1
091f94cddd2c18fe5904ab7a4beb95049543783b
-
SHA256
c1b5660bc0fed3c409b4ed9267b79b64bcab0c37505adf2cabf50e58b84515fe
-
SHA512
d3d27413aee4c3cc816007c8aad3752847503d26b75143d35c9ef5a04e6a12c85a50fe1f8ba8ca98b0f78c9bd142bf81727b1f08f9b59742d8e01d14d0f307cf
-
SSDEEP
384:jwYjsMyziXUMrM5orrUCc8BWaV+X6IdPZeO4Vl+K7MUBeOdHdK9B6m5TUbyB6wOt:jwQsMtXU4Lrrvma+cL+9OdwB6wBxO0S
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8bdece682cf21b6ee581b51ac86f20e2
Files
-
8bdece682cf21b6ee581b51ac86f20e2.sys windows:5 windows x86 arch:x86
6bb11f1599a1ffbabaf4622053c97890
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ExAllocatePoolWithTag
RtlInitUnicodeString
ExFreePoolWithTag
MmGetSystemRoutineAddress
ExRaiseStatus
_except_handler3
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 214B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 204B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ