cc93c6a6d9980ce27220e38cb947be21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cc93c6a6d9980ce27220e38cb947be21
Size

93KB
MD5

cc93c6a6d9980ce27220e38cb947be21
SHA1

a6b10f3bac63fee4db160b68d842b0012393c206
SHA256

e33ec8eacffbbdaa9958777ad2f34e278d2e95a593ea36ab9dfbf0ea645e6dcf
SHA512

d1a74c86db550f0457e190ccbcd0483ceb0851171cd2788cb59efb89e45374c9603f6a144ac03876efb89c341ebfc3c4f2d14fc30e83d67faf6a805d04bd30a6
SSDEEP

1536:qcnOSC9sVchVLQIDc5jZn7dgOXISWdyjhdHA5Ur/pVqk4awj8mESkdtR5jdbfRcM:qcnJC9nQIDcLKOIkHQUrxV038mE1hp4M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc93c6a6d9980ce27220e38cb947be21

Files

cc93c6a6d9980ce27220e38cb947be21
.sys windows:5 windows x86 arch:x86

2df80650cc1853520a241690a4ebf486

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ndis.sys

NdisWaitEvent

ntoskrnl.exe

DbgBreakPointWithStatus
MmGetSystemRoutineAddress

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE