f:\project\wang\ch34xser\ch343ser\v160t\ch343ser_v16\objfre_w2K_x86\i386\CH343SER.pdb
Static task
static1
General
-
Target
946d361728cfd0154f9d5646e2727fa442941617c7c4c30c93f76eb280b914ba
-
Size
46KB
-
MD5
d12a3481af5c99654d4396ad1432f5a1
-
SHA1
c8a1965e014fb9975ec036f4c3885b7d0b7a8ccf
-
SHA256
946d361728cfd0154f9d5646e2727fa442941617c7c4c30c93f76eb280b914ba
-
SHA512
ccc639e69fe0cff65082e7dc1d6c44b160ea489a32b8be1e4ea6186c3cce897a43bfa546aa9eecae0a9e4cbbec0b8e6a816d27cc6d17d720d8313f0cc6e62b34
-
SSDEEP
768:2O6zJVOU6jT4NL2xLOKUSfksfqN3Eipssxm9osxQSkdJQTNoo3GI:YJajTOKHfrfqZq60LzkdJYj3G
Malware Config
Signatures
-
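Unsigned PE (1 IoC)
The file carries no Authenticode signature, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator: it does not show that the file is malicious, only that its provenance has to be established another way, for example by comparing the hashes above against a copy obtained from a trusted source.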
resource 946d361728cfd0154f9d5646e2727fa442941617c7c4c30c93f76eb280b914ba
Files
-
946d361728cfd0154f9d5646e2727fa442941617c7c4c30c93f76eb280b914ba.sys windows:5 windows x86 arch:x86
5a1cfd0a893b9f3aeecd2cb370e9425c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
_allmul
ExFreePool
ExAllocatePool
InterlockedExchange
IoReleaseCancelSpinLock
InterlockedExchangeAdd
IoAcquireCancelSpinLock
InterlockedCompareExchange
KeClearEvent
KeInsertQueueDpc
KeRemoveQueueDpc
KeCancelTimer
ZwQueryValueKey
RtlInitUnicodeString
RtlQueryRegistryValues
memmove
ZwClose
IoOpenDeviceRegistryKey
PsTerminateSystemThread
KeSetPriorityThread
KeGetCurrentThread
KeDelayExecutionThread
PoRequestPowerIrp
KeSetTimer
KeQuerySystemTime
PsCreateSystemThread
sprintf
IoDeleteDevice
InterlockedIncrement
IoDetachDevice
IoDeleteSymbolicLink
IoAllocateIrp
RtlFreeUnicodeString
IoSetDeviceInterfaceState
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
KeWaitForMultipleObjects
IoRegisterDeviceInterface
RtlWriteRegistryValue
IoCreateSymbolicLink
KeInitializeDpc
KeInitializeTimer
KeInitializeSpinLock
IoAttachDeviceToDeviceStack
IoCreateDevice
RtlAppendUnicodeStringToString
RtlIntegerToUnicodeString
RtlAppendUnicodeToString
IoFreeWorkItem
PoSetPowerState
PoCallDriver
IoWMIRegistrationControl
IoAllocateWorkItem
DbgPrint
KeTickCount
KeBugCheckEx
KeInitializeEvent
IoBuildDeviceIoControlRequest
KeWaitForSingleObject
InterlockedDecrement
KeSetEvent
IofCallDriver
IoQueueWorkItem
IoCancelIrp
RtlDeleteRegistryValue
IoFreeIrp
PoStartNextPowerIrp
IoGetConfigurationInformation
IofCompleteRequest
hal
ExReleaseFastMutex
KfRaiseIrql
ExAcquireFastMutex
KfLowerIrql
KfAcquireSpinLock
KfReleaseSpinLock
wmilib.sys
WmiSystemControl
WmiCompleteRequest
usbd.sys
_USBD_CreateConfigurationRequestEx@8
_USBD_ParseConfigurationDescriptorEx@28
Sections
.text Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 640B - Virtual size: 622B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 896B - Virtual size: 832B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 896B - Virtual size: 828B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ