randomizedisk[.]sys | Triage

Submit
Reports

Static

static

1

Sharing

Copy URL Twitter E-mail

Static task

static1

General

Target

randomizedisk.sys
Size

6KB
MD5

dc6f9cc8a1940d5c5b9b2f301b062493
SHA1

788d64145ae94893739b85be8d8e772653a07898
SHA256

71f51778f8fecd3f36525b398e08ad0f762f1409b0116112703db90f111883a8
SHA512

2d22750344ab2eb5f44ba3842ad2429bf5a83740b740f054e90af4586882739dcc9ca3d1ecea2a796d1fc23fd7e51696245c3858e31907afa70ff16ea47b5c05
SSDEEP

96:emVcRn7PDo78dxTSHWj7ZuaC2QCIpzZwAR:e0clbDsAYcVQ2Kz9R

Score

1^/10

Malware Config

Signatures

Files

randomizedisk.sys
.sys windows:10 windows x64 arch:x64

737171e8b91180526933c27674b89514

Code Sign

8d:b7:d8:61:21:59:8f:20
Certificate

Issuer

CN=385a920c-b903-4856-9fb8-4085487b8d00

Not Before

04/09/2021, 12:00

Not After

05/09/2022, 00:00

Subject

CN=385a920c-b903-4856-9fb8-4085487b8d00

ec:7a:54:c9:e7:ae:8e:ce:7f:6c:b3:ff:86:a2:f1:fe:b0:29:93:cf
Signer

Actual PE Digest

ec:7a:54:c9:e7:ae:8e:ce:7f:6c:b3:ff:86:a2:f1:fe:b0:29:93:cf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\nicov\OneDrive\Desktop\Spoofer Source\Driver\Driver\build\bin\Premium.pdb

Imports

ntoskrnl.exe

RtlInitString
RtlInitUnicodeString
ExAllocatePoolWithTag
ExFreePoolWithTag
IoGetDeviceObjectPointer
_vsnwprintf
strstr
KeQueryTimeIncrement
RtlRandomEx
ZwQuerySystemInformation

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy