E:\Drivers_-_FCH_-_IO\AMD_PCI_Device_driver\Dbuild89\CloneRepo\src\vc140\x64\Win8.1Release\AMDPCIDev.pdb
Static task
static1
General
-
Target
f3c994aa28ae305c47f9de5eedfa982f507a0c03c6b99ad2578ab8c0b8ff640e
-
Size
18KB
-
MD5
0c3f6a0e2b1bca8b727de892fd521efe
-
SHA1
da17de86ef7700c92bdd11dca486f37da9b8c8ee
-
SHA256
f3c994aa28ae305c47f9de5eedfa982f507a0c03c6b99ad2578ab8c0b8ff640e
-
SHA512
419c37556edae9643fd08fd20425f692fa8ae33ed820505ba4e1604581b537b96105a11725d5c1e5c71d2a82bc5a7b2752d110f2a045d9c039facc201450ead1
-
SSDEEP
384:bKt7aw15YDDHjzxtzdcYoeDeWnUYGVavG33S4fcRvFclnWpL5gcd:mdanbHDzYWewUHyocDcA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
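Checks for missing Authenticode signature. This is a static check on the file itself, so it shows only that no signature is embedded in the image; a catalog-based signature, which Windows drivers often rely on, cannot be ruled out from the file alone. The headers below set IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY, which asks the loader to enforce a signature check on this image, so confirm the signing status on a host or against the vendor's catalog before drawing a conclusion from this finding.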
resource f3c994aa28ae305c47f9de5eedfa982f507a0c03c6b99ad2578ab8c0b8ff640e
Files
-
f3c994aa28ae305c47f9de5eedfa982f507a0c03c6b99ad2578ab8c0b8ff640e.sys windows:10 windows x64 arch:x64
31d47b80d74e5a00c4c1a86648c6d68d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
ntoskrnl.exe
RtlHashUnicodeString
KeInitializeEvent
KeSetEvent
KeInitializeMutex
KeReleaseMutex
KeSetSystemGroupAffinityThread
KeRevertToUserGroupAffinityThread
KeWaitForSingleObject
KeQueryActiveProcessorCountEx
KeQueryActiveGroupCount
KeQueryGroupAffinity
ExAllocatePoolWithTag
ExFreePoolWithTag
ExAcquireFastMutex
ExReleaseFastMutex
IoAllocateDriverObjectExtension
IoAttachDeviceToDeviceStack
IofCallDriver
IofCompleteRequest
IoCreateDevice
IoDeleteDevice
IoDetachDevice
IoGetDriverObjectExtension
IoInitializeRemoveLockEx
IoReleaseRemoveLockEx
IoReleaseRemoveLockAndWaitEx
IoSetDeviceInterfaceState
PoCallDriver
ZwClose
RtlInitializeGenericTableAvl
RtlInsertElementGenericTableAvl
RtlDeleteElementGenericTableAvl
RtlLookupElementGenericTableAvl
RtlGetElementGenericTableAvl
RtlInitializeGenericTable
RtlInsertElementGenericTable
RtlDeleteElementGenericTable
RtlLookupElementGenericTable
RtlGetElementGenericTable
RtlIsGenericTableEmpty
RtlEqualString
PsSetCreateProcessNotifyRoutineEx
ZwOpenProcess
strcmp
HalDispatchTable
__C_specific_handler
IoAcquireRemoveLockEx
RtlInitAnsiString
fltmgr.sys
FltParseFileName
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 888B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1024B - Virtual size: 540B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PAGE Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PAGED_CO Size: 512B - Virtual size: 178B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
INIT Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ