Static task
static1
General
-
Target
ac2e2e4dc1fa78c72b6a05dc928c43d0N
-
Size
773KB
-
MD5
ac2e2e4dc1fa78c72b6a05dc928c43d0
-
SHA1
cb919bb44ab7dd0c81dba8b450b49b90a4db88f6
-
SHA256
32f72356cbdb90ef1cb2ec3474f3ff75e76b2e21177d37b2f1d67b33039cd7b0
-
SHA512
345c5b203305b1ce2330f3906fe67bd456b1fc02fe33cde426c32672a6301f2d11ac4a6f393e945db7b5654484b7f54f1d5993c55f7730af6b153b0664165a1a
-
SSDEEP
12288:kEht2fEA0VXCVeRvEFlNcVOw2pKIWDMHxZQqxqiFH+82KnJbCeA1GQvSS:kEqkCVZBczUjWky8h+8zbCeAT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac2e2e4dc1fa78c72b6a05dc928c43d0N
Files
-
ac2e2e4dc1fa78c72b6a05dc928c43d0N.sys windows:6 windows x86 arch:x86
f67fe1bd8df03f82193a57e70483d2d5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
ZwReadFile
IoAllocateMdl
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmUnlockPages
IoFreeMdl
ExAllocatePool
ExFreePool
NtQuerySystemInformation
hal
KeRaiseIrqlToDpcLevel
HalMakeBeep
Sections
.text Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bea0 Size: 489KB - Virtual size: 489KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bea1 Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ