C:\Users\p1\Desktop\KRNL-Open-Source-main\krnl rebrand open source\krnlss\obj\Debug\krnlss.pdb
Static task
static1
1 signatures
General
-
Target
krnlss.exe
-
Size
693KB
-
MD5
594ab8fa5d24c67e437e926c3b924c0c
-
SHA1
caa681052d8bd3a639e41bf631578c1af08c4c2f
-
SHA256
e7016d6b0d52838b67d5d6c3c0f83fc7cf011992e44aad9550216cc255100f3a
-
SHA512
7a2d4d61b44a33c0fae432f542e1f057476b929ecabd4f23e9175a7652f97df0263ecc6cbdc7c22c2c3955ea7148ad9bf86d489413a50ccd4c1352fa864e6b51
-
SSDEEP
3072:PQ1D1ZUgmdxfiYJ5oFWzRxc4YYfLnzRxc4YYRL3LgzRxc4YYfLpzRxc4YYv:PQ1D1ZedxfiYJ5MWzRx3zRxGzRxZzRx
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource krnlss.exe
Files
-
krnlss.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 533KB - Virtual size: 533KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 159KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ