Static task
static1
General
-
Target
b77fa486d9f5876ab7817391d2ca8132
-
Size
23KB
-
MD5
b77fa486d9f5876ab7817391d2ca8132
-
SHA1
d82e997f5b59907f60407b77509713d7d1945279
-
SHA256
6b25f0308d11aabea0a8e137ff0a08a0e987d28993c63558f95354eeb998d7b0
-
SHA512
1d73e938b421204869686b1e486d80afe7e29c8cc8fd9f161413b552a0ed13a10e3682e4c3b13265af8e8bd761aa52b622d0597340732715ad9eb89c1709b6c0
-
SSDEEP
384:tLt+5COJnYBFHGRbO4c7Zcj0Ss2R3H414RHt20JC48cCtpHiIgLGdXUs:tJOPYBpGRbjtAH2RuSHt2iqcOpHi7J
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b77fa486d9f5876ab7817391d2ca8132
Files
-
b77fa486d9f5876ab7817391d2ca8132.sys windows:5 windows x86 arch:x86
6bb11f1599a1ffbabaf4622053c97890
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ExAllocatePoolWithTag
RtlInitUnicodeString
ExFreePoolWithTag
MmGetSystemRoutineAddress
ExRaiseStatus
_except_handler3
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 214B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 204B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ