D:\w\workspace\build_aqnic\bin\aqnic\release\x64\win10\aqnic650.pdb
Static task
static1
General
-
Target
2098a3be85dbca9cb65b4bfd766dbe81008b54997b0a094db84d1d1dbc179744
-
Size
211KB
-
MD5
e0d254027267d809aeacaa848387227e
-
SHA1
c43fc60875bfaff95ee1a951c3bad6f2ceae1aa6
-
SHA256
2098a3be85dbca9cb65b4bfd766dbe81008b54997b0a094db84d1d1dbc179744
-
SHA512
313ab251b45e266fc62d724313bb07c641801e0dc9b144b636f9f7544de673adf01647843d549908fca3358b581f525b9ba65e6ed93851a3d4586ae40445f704
-
SSDEEP
3072:iK9qFRw5lvNydZCfRVN2SN2WfELQxHn8xOtUpoBc5bms+Y+Kt8wCxCZXdlOixssD:vgRCLprVN2wxHn80tUUNs+JpSNFED
Malware Config
Signatures
-
Unsigned PE 1 IoCs
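Checks for missing Authenticode signature. A static check of a single file can only see a signature embedded in the PE itself; Windows drivers are often signed through a separate catalog (.cat) file instead, so this result alone does not establish that the driver is unsigned. Verify against the driver package's catalog before treating it as an indicator.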
resource 2098a3be85dbca9cb65b4bfd766dbe81008b54997b0a094db84d1d1dbc179744
Files
-
2098a3be85dbca9cb65b4bfd766dbe81008b54997b0a094db84d1d1dbc179744.sys windows:10 windows x64 arch:x64
08f75478cc2c676e615172602f62f424
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
D:\w\workspace\build_aqnic\bin\aqnic\release\x64\win10\aqnic650.pdb
Imports
ndis.sys
NdisCloseConfiguration
NdisReadNetworkAddress
NdisOpenConfigurationEx
NdisMGetDeviceProperty
NdisFreeMemory
NdisWriteErrorLogEntry
NdisAllocateTimerObject
NdisCancelTimerObject
NdisFreeTimerObject
NdisSetCoalescableTimerObject
NdisAllocateNetBufferListPool
NdisFreeNetBufferListPool
NdisFreeNetBufferList
NdisAllocateNetBufferAndNetBufferList
NdisAllocateMdl
NdisFreeMdl
NdisMSetMiniportAttributes
NdisMIndicateStatusEx
NdisMMapIoSpace
NdisMUnmapIoSpace
NdisMRemoveMiniport
NdisMQueryAdapterInstanceName
NdisMRegisterScatterGatherDma
NdisMDeregisterScatterGatherDma
NdisMAllocateNetBufferSGList
NdisReadConfiguration
NdisMPauseComplete
NdisMSendNetBufferListsComplete
NdisMIndicateReceiveNetBufferLists
NdisAllocateIoWorkItem
NdisQueueIoWorkItem
NdisFreeIoWorkItem
NdisMResetComplete
NdisMGetBusData
NdisMResetMiniport
NdisProcessorNumberToIndex
NdisMRegisterInterruptEx
NdisMDeregisterInterruptEx
NdisMQueueDpcEx
NdisMAllocateSharedMemory
NdisMFreeSharedMemory
NdisAllocateMemoryWithTagPriority
NdisWriteEventLogEntry
NdisSetOptionalHandlers
NdisGetRssProcessorInformation
NdisMRegisterMiniportDriver
NdisMDeregisterMiniportDriver
NdisOpenFile
NdisCloseFile
NdisMapFile
NdisUnmapFile
NdisMFreeNetBufferSGList
NdisMSleep
ntoskrnl.exe
IoWMIRegistrationControl
_purecall
strncmp
KeInitializeEvent
KeWaitForSingleObject
KeQueryActiveProcessorCountEx
IoBuildDeviceIoControlRequest
IofCallDriver
KeFlushQueuedDpcs
MmGetSystemRoutineAddress
KeInitializeDpc
KeInsertQueueDpc
KeSetTargetProcessorDpcEx
wcsncpy_s
KeLowerIrql
KfRaiseIrql
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
MmMapLockedPagesSpecifyCache
ExAllocatePool2
ExFreePool
KeInitializeSpinLock
RtlInitUnicodeString
hal
KeQueryPerformanceCounter
Sections
.text Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 657B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PAGE Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 700B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ