e071c7e4ab182d94ce22b56ed0992b10 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e071c7e4ab182d94ce22b56ed0992b10
Size

30KB
MD5

e071c7e4ab182d94ce22b56ed0992b10
SHA1

b41417eac3fe7af56a4f1911609c6bc6db47afdc
SHA256

821fa0066f362240e5592f5c380967ae08d28008525b4bf20ecadf8e171bc19f
SHA512

6f7b885a8e357a383c88003554d9d9d54a1f091b5168ddcdd5f04e79c14bbfbe5fa172e4d8a7d532b1db85db6295a77c5ee9f73d9a1b011261ab3ef4477d8139
SSDEEP

768:kLtlNQH1vAUAJMIsXCOYtC6ABGN5HbShPb:k1QH14UAJMIsXCOYtCg7ShPb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e071c7e4ab182d94ce22b56ed0992b10

Files

e071c7e4ab182d94ce22b56ed0992b10
.sys windows:4 windows x86 arch:x86

caed740047327835987440169debea21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

PsGetCurrentProcessId

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64B - Virtual size: 35B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 96B - Virtual size: 86B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ