Static task
static1
General
-
Target
da8e86b13c7d9d88575bbad66b825170N
-
Size
158KB
-
MD5
da8e86b13c7d9d88575bbad66b825170
-
SHA1
2cd6c153638aad7953adab7b4ce3f610ca5d6de8
-
SHA256
45f3b11efcdd1e1bee5cda7dd9fbd55d1949aab052c43383b4d0308c845f4e6b
-
SHA512
4b846d585e46c92bd23f6e02301b9baf611a1c2516b19d99c40b3b162d1d8bae52d372dabba505d171e3f2b4db6f41de7909c1a77d1526da25349239f82401a1
-
SSDEEP
3072:PySlm+wifpfK+Zk3gKwW5JfqXH2Dq2u6D33elYgw2UOS/PHe+jgagsds:Prm0TZk38uJfqXApx33elBw2UZPHD1g0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource da8e86b13c7d9d88575bbad66b825170N
Files
-
da8e86b13c7d9d88575bbad66b825170N.sys windows:6 windows x86 arch:x86
8264bbf20c56492082b64a80e0d87fc2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
KeBugCheckEx
IoAllocateMdl
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmUnlockPages
IoFreeMdl
ExAllocatePool
ExFreePool
NtQuerySystemInformation
hal
KeRaiseIrqlToDpcLevel
HalMakeBeep
fltmgr.sys
FltCreateCommunicationPort
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 820B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.dada0 Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dada1 Size: 53KB - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ