valthrun-driver[.]sys

Sharing

Copy URL Twitter E-mail

General

Target

valthrun-driver.sys
Size

617KB
MD5

79c775a07ac57b88c94027e574c11eff
SHA1

de0a33c6210c72b23a64bd2031c0ae20b10a8d02
SHA256

96f8e95f21413adb073b8a467f7da00495386330970cd9e082151b20886023ac
SHA512

c1b89b7d38b802e667028ba14c3f55223dcb9a121f1ba040c3479439f535458fc1f337b44858d7f2f93890fc3b3cdd729fef457639c2579b2ef072098c8e1bf6
SSDEEP

12288:jdU6NRc+Ho+27D5x1rdy6px46mYqUCHtyzXxVYx19gah:jOme+o79vrdyM46yUCHtyzhVEnXh

Score

1^/10

Malware Config

Signatures

Files

valthrun-driver.sys
.dll windows:6 windows x64 arch:x64

Code Sign

6a:ff:e9:11:e9:be:2f:ba:45:d1:1e:cd:a6:66:a4:fd
Certificate

Issuer

CN=DriverCertificate

Not Before

12/03/2024, 14:28

Not After

31/12/2039, 23:59

Subject

CN=DriverCertificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

54:2d:00:bd:bb:23:7d:f3:3c:3e:43:12:02:c8:52:c9:d6:72:21:9f:d8:cc:76:5e:00:83:3e:ed:f3:43:99:3e
Signer

Actual PE Digest

54:2d:00:bd:bb:23:7d:f3:3c:3e:43:12:02:c8:52:c9:d6:72:21:9f:d8:cc:76:5e:00:83:3e:ed:f3:43:99:3e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\valthrun-driver\valthrun-driver\target\x86_64-pc-windows-msvc\release\deps\driver_standalone.pdb

Sections

.text
Size: 515KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

6a:ff:e9:11:e9:be:2f:ba:45:d1:1e:cd:a6:66:a4:fdCertificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

54:2d:00:bd:bb:23:7d:f3:3c:3e:43:12:02:c8:52:c9:d6:72:21:9f:d8:cc:76:5e:00:83:3e:ed:f3:43:99:3eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 515KB - Virtual size: 516KB

.rdata Size: 89KB - Virtual size: 92KB

.data Size: 1KB - Virtual size: 12KB

.reloc Size: 3KB - Virtual size: 2KB

6a:ff:e9:11:e9:be:2f:ba:45:d1:1e:cd:a6:66:a4:fd
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

54:2d:00:bd:bb:23:7d:f3:3c:3e:43:12:02:c8:52:c9:d6:72:21:9f:d8:cc:76:5e:00:83:3e:ed:f3:43:99:3e
Signer

.text
Size: 515KB - Virtual size: 516KB

.rdata
Size: 89KB - Virtual size: 92KB

.data
Size: 1KB - Virtual size: 12KB

.reloc
Size: 3KB - Virtual size: 2KB