Static task
static1
General
-
Target
d6e6d357dffcbb4e0bbe228c618eac9e
-
Size
1KB
-
MD5
d6e6d357dffcbb4e0bbe228c618eac9e
-
SHA1
8f10699e1c8c0b9b73de7406fd107dbc8ebd9b72
-
SHA256
4f7f4abe50d0fb51e32c2a4631734d351733b7a0eb2e2af4ff465de3fd00d59e
-
SHA512
9c462d0aa664f572f195f92cd8da52f60f322bbc26fce65ca4838fea5f19b66fefbcf5682769bd7377d3216bdef7b338eade4e152cf61dcd27c5953b341b26bb
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d6e6d357dffcbb4e0bbe228c618eac9e
Files
-
d6e6d357dffcbb4e0bbe228c618eac9e.sys windows:4 windows x86 arch:x86
1224b7eb1aedc2d89918a775eb28893d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
KeServiceDescriptorTable
IofCompleteRequest
IoCreateDevice
Sections
.text Size: 320B - Virtual size: 306B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 128B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 224B - Virtual size: 216B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 64B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ