Static task
static1
General
-
Target
d6bd7852107342a82bf0f1b8e6461ba4
-
Size
4KB
-
MD5
d6bd7852107342a82bf0f1b8e6461ba4
-
SHA1
612946ec1970d54800e137df8c245e8d37d2c587
-
SHA256
fd84ae76892f2454ec3e0805b645603af96549583785f114b5e7905a61a4a77a
-
SHA512
42a0f811bf2a68a3792834a3601ed002e77cad5e9d93fe213e87494f2fbfaf9a134ba10f52470ee4f1ed21ff446ece4b2665bb4bfaad7c79d036a2179d66978b
-
SSDEEP
48:6Ub/tPJrW9Ar/bpC4t0S97rAZ83tzOTJbVAncmUscmRYYf+HrW/LeBlAzryI:5tPV7/997rH6xi/4mRYYfDzhry
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6bd7852107342a82bf0f1b8e6461ba4
Files
-
d6bd7852107342a82bf0f1b8e6461ba4.sys windows:5 windows x86 arch:x86
9195552aaab9c0cf05ebc7215fb54da9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IoGetCurrentProcess
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384B - Virtual size: 366B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 96B - Virtual size: 67B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 96B - Virtual size: 84B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 96B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ