d:\programs\siberia2\protect\objfre_wxp_x86\i386\protect.pdb
Static task
static1
General
Target: baba7cd2dd32d7c0936cb98dbdcf5fa8
Size: 31KB
MD5: baba7cd2dd32d7c0936cb98dbdcf5fa8
SHA1: 3b9ee8e0267a3bf54d481216a8b84ddaceaf5d18
SHA256: 70e8927dbe6f072c861adb04206d22d144fdedcae7900da144ace4761ff92519
SHA512: 8f4034bc3bc049d4730d03be78e863dca378c4526bd59671cb1a6fde0c6643996e926d94990962e22367b98ebdce4ec7ed875a56b0f436b3136da54479d46d80
SSDEEP: 384:8leNgcEk3xdnrh5vtulvrpZP0rG0tV50qoOGZZrISb0fdRNl4oCvuBkr/rgPnTMR:blEIxFh3qrnPjaoOFjdf6Rgv1z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource baba7cd2dd32d7c0936cb98dbdcf5fa8
Files
baba7cd2dd32d7c0936cb98dbdcf5fa8.sys windows:6 windows x86 arch:x86
b51d29b3530d25827573676942998e55
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
memcpy
ExFreePoolWithTag
ExAllocatePoolWithTag
ZwQuerySystemInformation
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 145B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 256B - Virtual size: 156B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 128B - Virtual size: 110B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ