774230909838222f8a81bef304efe9a71f7b2f7bb9ce44e5ff809cf6adf735a9

General

Target

774230909838222f8a81bef304efe9a71f7b2f7bb9ce44e5ff809cf6adf735a9
Size

1.4MB
MD5

4d37fa065695bb31435012ba568dcf04
SHA1

d31c5a22f3c9a79026fff342a8dbf7cf8725326d
SHA256

774230909838222f8a81bef304efe9a71f7b2f7bb9ce44e5ff809cf6adf735a9
SHA512

2cecb3e5cf45d0e1230f1e767532f5454fa069549543a7ad44f3ce75e00fea275f75443ca28a35beada901f20c19dc968303251e00afad3b3d8ae51bc18dc3c6
SSDEEP

24576:sTJUPJzUmupAG73GuO/IWw5WN7ljGi4/pyJKKtIn9ep34XFZhU:f4mcO+5W/GlgHOn9KIVbU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
774230909838222f8a81bef304efe9a71f7b2f7bb9ce44e5ff809cf6adf735a9

Files

774230909838222f8a81bef304efe9a71f7b2f7bb9ce44e5ff809cf6adf735a9
.sys windows:10 windows x64 arch:x64

3f4c9025125027e307b7e52dd577303b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

MmBuildMdlForNonPagedPool
IoAllocateMdl
RtlInitUnicodeString
MmMapIoSpace
MmFreeContiguousMemory
IoDeleteDevice
MmUnmapIoSpace
MmGetPhysicalAddress
IoDeleteSymbolicLink
IoFreeMdl
MmAllocateContiguousMemorySpecifyCache
IoCreateDevice
ExFreePoolWithTag
MmUnmapLockedPages
IofCompleteRequest
IoCreateSymbolicLink
MmMapLockedPages

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f4c9025125027e307b7e52dd577303b

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 24B

.pdata Size: 512B - Virtual size: 132B

INIT Size: 1024B - Virtual size: 572B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 36B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 24B

.pdata
Size: 512B - Virtual size: 132B

INIT
Size: 1024B - Virtual size: 572B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 36B