0e008f598d3a4faf0f1df519abf2302388d1b4a68fad47fc6af1aac719448908

General

Target

0e008f598d3a4faf0f1df519abf2302388d1b4a68fad47fc6af1aac719448908
Size

48KB
MD5

71965287e541eb8a5af950ea909d3fa5
SHA1

2323978d72b62c9905f1ec1578bf8debd82298d9
SHA256

0e008f598d3a4faf0f1df519abf2302388d1b4a68fad47fc6af1aac719448908
SHA512

51fa7ec262fe34508ba4a88dc55457ba4a9c1b7518ca8fd8cd53aeda7cbc9e7989c1a5ec620eff98570f64ccab944c461ce412f55c6dffb7d914d47cd862985c
SSDEEP

768:WjeRpVsYAJNZ7jFcPGzKclxFa/KEeY715oG9Ov:Wjexsxn7jFcPG+azEeY71mG9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e008f598d3a4faf0f1df519abf2302388d1b4a68fad47fc6af1aac719448908

Files

0e008f598d3a4faf0f1df519abf2302388d1b4a68fad47fc6af1aac719448908
.sys windows:6 windows x86 arch:x86

c7f7bd1c5356ff1e002918f1d2116f0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\slaverep\beyond_slave\driver_rep\build\trunk\driver\tsqbdrv\objfre_wxp_x86\i386\TsQBDrv.pdb

Imports

ord3238
ord3262
ord3286
ord3308
ord3328
ord3340
ord3372
ord3386
ord3408
ord3432
ord3456
ord3476
ord3498
ord3508
ord3526
ord3542
ord3566
ord3598
ord3618
ord3638
ord3666
ord3690
ord3718
ord3730
ord3740
ord3762
ord3772
ord3792
ord3816
ord3832
ord3842
ord3858
ord3876
ord3220
ord3916
ord3942
ord3962
ord3982
ord4004
ord4016
ord4042
ord4056
ord4088
ord4110
ord4126
ord4154
ord4180
ord4194
ord4218
ord4230
ord4254
ord4278
ord4304
ord4336
ord4348
ord4368
ord4380
ord4396
ord4416
ord4432
ord4448
ord4474
ord4494
ord4520
ord4534
ord3186
ord3162
ord3890
ord3144
ord4620
ord4630
ord4642
ord4654
ord4664
ord4578
ord4564
ord4592

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 896B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7f7bd1c5356ff1e002918f1d2116f0f

Headers

File Characteristics

PDB Paths

Imports

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 5KB

INIT Size: 2KB - Virtual size: 1KB

.rsrc Size: 896B - Virtual size: 888B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 5KB

INIT
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 896B - Virtual size: 888B

.reloc
Size: 2KB - Virtual size: 2KB