C:\Users\14011\Desktop\PipiDrv\build\ApexR\SimpleDriverLoader.pdb
Static task
static1
1 signatures
General
-
Target
SimpleDriverLoader.exe
-
Size
290KB
-
MD5
4960c336407c12819c7a1a0b487a2c80
-
SHA1
e38c5e3938c75b1f69838711b66e458941c4e752
-
SHA256
5c73d45455d365c5c420408645bd6126cf3e1dc01dcb8764d6d0988d8dd3df3d
-
SHA512
4175e18bbc7b66f53e93be87f0cb3227ed7bb15ad9559941c80326583bb36592da28d9579b8afc33192e170f150cd101fc01075d5ee25a1357a06c8f75f599a3
-
SSDEEP
3072:/BNfCukCKyAVj3HUGRpcEPdGV8NdKAxw2HN8ugj9N+N7e/CUbSX3kr/+jzEuvoM6:/6f35qElCOdKAK2t8usD+RA60Gc6Y
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SimpleDriverLoader.exe
Files
-
SimpleDriverLoader.exe.exe windows:6 windows x64 arch:x64
0e7e5447aa1ee2805dcaf81305fe1801
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
SetEndOfFile
K32EnumDeviceDrivers
QueryFullProcessImageNameW
GetProcAddress
GetModuleHandleA
K32GetDeviceDriverBaseNameW
Sleep
GetCurrentProcess
WriteConsoleW
HeapSize
CreateFileW
GetProcessHeap
SetStdHandle
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetFileType
CloseHandle
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
RtlUnwind
advapi32
RegCloseKey
RegDeleteKeyW
RegCreateKeyW
RegOpenKeyW
RegSetKeyValueW
ntdll
RtlCaptureContext
RtlInitUnicodeString
RtlLookupFunctionEntry
RtlVirtualUnwind
Sections
.text Size: 197KB - Virtual size: 197KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ