c8f907f1b04b0131ff452fed80ea4ca7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8f907f1b04b0131ff452fed80ea4ca7
Size

93KB
MD5

c8f907f1b04b0131ff452fed80ea4ca7
SHA1

3455cdaf5249d9e0083fec6b4020b52839a4b967
SHA256

ecda63792ef664cec15758b865c23536c17c27b5c6de84efba16203657c371aa
SHA512

ae1e46f37fe0f93d232b3b0d7d3722e84a00560efdc3f61af76984ed1da6f8268a98f192fbfdca8831a6cda92d2602512d1882d7ed7cf120ecbe7ee19cdb1d34
SSDEEP

1536:hwNNTLDGrzEo4Dpqt5IqjhVv6cKX6Hn+6N48vSXM6DeqsjwZHP:mNNLDG/GDpqIqjhVyFIi86X2qsjwZv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8f907f1b04b0131ff452fed80ea4ca7

Files

c8f907f1b04b0131ff452fed80ea4ca7
.sys windows:5 windows x86 arch:x86

2df80650cc1853520a241690a4ebf486

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ndis.sys

NdisWaitEvent

ntoskrnl.exe

DbgBreakPointWithStatus
MmGetSystemRoutineAddress

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE