Static task
static1
General
Target: c94020b5fbba7d890f6b4f91e68fcee9
Size: 19KB
MD5: c94020b5fbba7d890f6b4f91e68fcee9
SHA1: 66d93b0b3e1e5cc40a2b9483062a9a521779fa85
SHA256: 4e674d824e5e96a5b158fea54591a7b2967ba23f3a5d712862a33804d2e709be
SHA512: ffb18d570ba9269e794d15dc5cd3e10b69d86b43df788a71e13434d2f09dd69bdf2484de9591fd9d6f90d70ccfda588b4c0f88ed9d7078fb37a4aa7fa3fa300e
SSDEEP: 384:8V4YjS1N3PilYI/CWGCIxKoERAJhyOWQONEWe4dymFcKFofsAf0Li0FiOrUqvu8:8pj8N3PiGQ9GCWJhyOWQf5KaDf0RoOfF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c94020b5fbba7d890f6b4f91e68fcee9
Files
c94020b5fbba7d890f6b4f91e68fcee9.sys windows:4 windows x86 arch:x86
6a32cee76dbfa6051775cc1765778be3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IofCompleteRequest
strrchr
IoGetCurrentProcess
atol
ZwClose
wcsstr
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
_except_handler3
ObfDereferenceObject
ObQueryNameString
ObReferenceObjectByHandle
RtlCompareUnicodeString
ExGetPreviousMode
isdigit
KeServiceDescriptorTable
ZwSetValueKey
isprint
toupper
isspace
srand
isupper
PsGetVersion
_strnicmp
_wcsnicmp
wcslen
RtlTimeToTimeFields
ExSystemTimeToLocalTime
KeQuerySystemTime
wcsncmp
towlower
isxdigit
islower
atoi
ZwCreateFile
IoRegisterDriverReinitialization
ExFreePool
ZwWriteFile
ZwSetInformationFile
ZwReadFile
ExAllocatePoolWithTag
ZwQueryInformationFile
strchr
wcscpy
ZwEnumerateKey
wcscat
KeDelayExecutionThread
IoDeleteDevice
IoCreateSymbolicLink
IoCreateDevice
PsCreateSystemThread
ZwDeleteValueKey
strncmp
strncpy
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 960B - Virtual size: 934B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ