c734d445c9930762dfae0c2806f06e5b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c734d445c9930762dfae0c2806f06e5b
Size

2KB
MD5

c734d445c9930762dfae0c2806f06e5b
SHA1

2ee368d0ae82a0ea7e669ebf31f548da3799c256
SHA256

3d423667b0774216dfc4e3453e41cdb058fefec6aab9b606c5b7838dfc0f1d18
SHA512

7550b0b68ebf266a4277bbd67fb7f3c1d2a39af4b2eb9d333604ddf998dc6f08c6bf813b3261cf31bf3ce9f7494ce9b1c9c60fc6921cfac28b44ca3b2522721b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c734d445c9930762dfae0c2806f06e5b

Files

c734d445c9930762dfae0c2806f06e5b
.sys windows:5 windows x86 arch:x86

7ab1fb828b69862d660cec7d9bec4120

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

DbgPrint
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
ProbeForRead
_except_handler3

Sections

.text
Size: 576B - Virtual size: 576B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 320B - Virtual size: 304B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 96B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ