Static task
static1
General
-
Target
c260e8863a6a597e5f279ca4d4256119
-
Size
28KB
-
MD5
c260e8863a6a597e5f279ca4d4256119
-
SHA1
8e9e4f0b2834021b55edd7893e9756535597c555
-
SHA256
c1bb1e7511a2ad8ae94117ad192bf75357ab57a94c17bec444b5f7f843d6cf86
-
SHA512
8630da5cc64e0c1ee78c0b2d35f0698a2c18d14d053a5e7e26b493c0b2f1c3b0c8a9c5e4e3768e20ecd0caf2608a331f038a6be98d8f3bb853c77eb5fb4156ca
-
SSDEEP
768:KRIlP7DESxAwPPZNVE2bWosL+7rvvKaJYNF5:KR2P7swpnE2bnLqaJYn5
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c260e8863a6a597e5f279ca4d4256119
Files
-
c260e8863a6a597e5f279ca4d4256119.sys windows:4 windows x86 arch:x86
ccfa4096688f425151888c2162a14ded
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
_wcsnicmp
wcslen
IofCompleteRequest
wcscat
wcscpy
_itow
RtlInitUnicodeString
_strnicmp
RtlCopyUnicodeString
strncmp
ObfDereferenceObject
_except_handler3
swprintf
strncpy
ExFreePool
_snprintf
ExAllocatePoolWithTag
ZwClose
ZwOpenKey
_stricmp
RtlAnsiStringToUnicodeString
MmGetSystemRoutineAddress
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 864B - Virtual size: 842B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ