aafccb8b3204f8fdf18e3bc6f1fd60e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aafccb8b3204f8fdf18e3bc6f1fd60e0
Size

1KB
MD5

aafccb8b3204f8fdf18e3bc6f1fd60e0
SHA1

ebb200856257b89fa3dd75af8f03494a59f7e427
SHA256

c4d939c648622ad8a0b2581dd63f8d2a57311f2771c3f98574a392209c6afa2a
SHA512

baf8764a933cceb1160272f96d52e42909903da3000ee5392bea965b4ca4abf061636bbc0ba9b08b18eafb4418b3e288d98753bee9ea6509f200a9659923ca0a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aafccb8b3204f8fdf18e3bc6f1fd60e0

Files

aafccb8b3204f8fdf18e3bc6f1fd60e0
.sys windows:4 windows x86 arch:x86

de452a9c57d8587dcf7fa6e9c4529fbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoGetDeviceObjectPointer
IoDriverObjectType
ObDereferenceObject
IoBuildDeviceIoControlRequest
IoCallDriver
ObReferenceObjectByName

ndis.sys

NdisRegisterProtocol
NdisDeregisterProtocol

Sections

.text
Size: 672B - Virtual size: 660B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192B - Virtual size: 173B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 320B - Virtual size: 320B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ