Static task
static1
General
-
Target
8eba108bde72a0667c17b98cabeae01c
-
Size
2KB
-
MD5
8eba108bde72a0667c17b98cabeae01c
-
SHA1
6c38581d4b4c45bece0261a303dfbfc4feb4ea5d
-
SHA256
e4932319709e01a5dc9dca49614c1ab2002917a02a52380a3e1e48acba259e13
-
SHA512
978ba941d2bbf854dde6b56f171599d45a6f845ff1ee188da88bba88f0d71f5a7b800bf5247d45c154a1f34b71ee45b12c4c326f0cdb8da13184dd04bfa62710
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8eba108bde72a0667c17b98cabeae01c
Files
-
8eba108bde72a0667c17b98cabeae01c.sys windows:5 windows x86 arch:x86
3aad03e1de2a267a66f8a1ec7335aaba
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
MmUnmapIoSpace
MmMapIoSpace
MmGetPhysicalAddress
KeServiceDescriptorTable
KeSetEvent
KeDelayExecutionThread
memmove
RtlFreeAnsiString
KeWaitForSingleObject
ObfDereferenceObject
RtlUnicodeStringToAnsiString
ObReferenceObjectByHandle
IofCompleteRequest
KeInitializeEvent
IoCreateSymbolicLink
IoCreateDevice
Sections
.text Size: 928B - Virtual size: 923B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 236B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64B - Virtual size: 36B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 576B - Virtual size: 548B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 160B - Virtual size: 146B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ