Static task
static1
General
-
Target
c4d4c84d07247059f7b99aad31a0f97b
-
Size
23KB
-
MD5
c4d4c84d07247059f7b99aad31a0f97b
-
SHA1
20f46c351e7a74f02f19a799e9d38ce98fedc504
-
SHA256
4ad894af0d1434950243030a98f74b06e98b6e5047e2de571b2a8b18c9e8c138
-
SHA512
6b1fd7f58a8b19ff6500c9066489b42b55db04248591820ed993f36e451d61da4303e7c244a2056ea4e915c5fcb6271705640ebf43a615cd6a01d2534b6ce3b5
-
SSDEEP
384:RTp4egTubX9GGBNv2elMi3Ln0zRw7Arqf0v8mYHdo+8/yaCR9bPRg7fI7c:RTfSiX9GKNv2MMwErzv+A/NCH7+8
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c4d4c84d07247059f7b99aad31a0f97b
Files
-
c4d4c84d07247059f7b99aad31a0f97b.sys windows:5 windows x86 arch:x86
6bb11f1599a1ffbabaf4622053c97890
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ExAllocatePoolWithTag
RtlInitUnicodeString
ExFreePoolWithTag
MmGetSystemRoutineAddress
ExRaiseStatus
_except_handler3
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 256B - Virtual size: 214B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 204B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ