Static task
static1
General
-
Target
cdca35254b13b7ced97b7687b05f9c00N
-
Size
759KB
-
MD5
cdca35254b13b7ced97b7687b05f9c00
-
SHA1
fb74750e3ed8522ce91107279893e44101be9a1f
-
SHA256
0132b627308e3d7d1c0ac5e5b8253b1db62292a9e30175f5eb42b8d7d51c4388
-
SHA512
75d36e83d3f3eae5dd68f718772115e6cc451e6b23354898cdb60741a27874d69958c1a51b0b77f7363aeaf38d6ee847b0687a190c4f398ecc9abed6bd3c94ce
-
SSDEEP
12288:wPRKGtFxfma/mZ0IXrXMjkxT0g37Za2zTiqd4wYgqEMzdRXdU7jOd8azdcAH8rOE:jGEa/ij4e937Rniqd4wYJ7pRRGazdcAE
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cdca35254b13b7ced97b7687b05f9c00N
Files
-
cdca35254b13b7ced97b7687b05f9c00N.sys windows:6 windows x86 arch:x86
b5c77fb69d242384211030557dc6aa15
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
ZwOpenFile
IoAllocateMdl
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmUnlockPages
IoFreeMdl
ExAllocatePool
ExFreePool
NtQuerySystemInformation
hal
KfAcquireSpinLock
HalMakeBeep
Sections
.text Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bea0 Size: 467KB - Virtual size: 466KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bea1 Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ