a3adb45053b6fa8e45b1ba5ccfcc35dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a3adb45053b6fa8e45b1ba5ccfcc35dd
Size

67KB
MD5

a3adb45053b6fa8e45b1ba5ccfcc35dd
SHA1

0639951bc4bb0164f2f450ba1efd5cc526af3d6c
SHA256

36c3757213021cdb8d66cc19df1fe53e1d83e47adc13ff326d3cd86ff2601141
SHA512

56a965a8fcfd3f7d5fe716c1bcbd157c7b0f8a20f49847a886c3020ae60b886a6c16c01bc78184f065367888817549d6bcfa61e01e5f69c39aeb16ac9daa8954
SSDEEP

768:L3sIlT0FIiuvpawX+//g4Mzx8El7nGwpCg4naH2pR6BB2ZX9+G4IjREZVs5EvifE:X2dm5d485dGyX276BO9hCCjtEDIo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3adb45053b6fa8e45b1ba5ccfcc35dd

Files

a3adb45053b6fa8e45b1ba5ccfcc35dd
.sys windows:6 windows x86 arch:x86

19bb429532d89561e9fa548f9088f9ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
ExAllocatePoolWithTag
memset
RtlCharToInteger
ExFreePoolWithTag
RtlAppendUnicodeStringToString
RtlGetVersion
KeTickCount
KeBugCheckEx

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 352B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ