a98f36ebd7a6e731ee7e138c1197b826 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a98f36ebd7a6e731ee7e138c1197b826
Size

40KB
MD5

a98f36ebd7a6e731ee7e138c1197b826
SHA1

396d990b0c0609ff7f916b559fdad32af0557dc8
SHA256

cb76599f0f24d76ddda004cb5de4c2ce9d7a77a2c02a34db6b47dbeb057cc8dc
SHA512

a01788d9660922273aa0a3d62860df842b5591dbbbbdd1024d30057ab1b3ef60af4bebda1396d911cf4da5561bea2219f8b526bfed8741699765f180afe38ae4
SSDEEP

768:29r6AVCDHCkqtyatgOflfbGoys69jve9ocAC0J59KW1bt2kY9:gWvJU1tllfCZfhvVcvq59KW1bt29

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a98f36ebd7a6e731ee7e138c1197b826

Files

a98f36ebd7a6e731ee7e138c1197b826
.sys windows:5 windows x86 arch:x86

3165e3bf7afdfac8176d4d8fc91ebef5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeGetRecommendedSharedDataAlignment
RtlEqualUnicodeString
RtlInitUnicodeString
MmGetSystemRoutineAddress
KeSetTimer
ExAllocatePoolWithTag

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 231B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ