Static task
static1
General
-
Target
cd6659808ad6f43207a1ab160734a1e0N
-
Size
725KB
-
MD5
cd6659808ad6f43207a1ab160734a1e0
-
SHA1
ee4233c42300be4a70c1e048cc6b2fd3dac374cf
-
SHA256
dd6b06d1c6eec6a12189a07beaa8b47a39816f80f97b0ed56510fbf840930c3b
-
SHA512
bc419edea8d91d62f56cc119e1c113b0ac3e88fcca4fd0f37e9b11aaad0b992176a875db9239f752a2d7bfedad01bdf90e084d00d556ddbcdc658f6869573a03
-
SSDEEP
12288:7Hb+nZNx5hi6iASOaVnyua9BytBQN5yfj6sZS+r1OE6MBoE7kh/r1Nt:/+nBDlaVyH94iN6dSex9BoskHNt
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cd6659808ad6f43207a1ab160734a1e0N
Files
-
cd6659808ad6f43207a1ab160734a1e0N.sys windows:6 windows x86 arch:x86
7b1c49c51648fb875584e99622816c54
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
_chkstk
IoAllocateMdl
MmProbeAndLockPages
MmMapLockedPagesSpecifyCache
MmUnlockPages
IoFreeMdl
ExAllocatePool
ExFreePool
NtQuerySystemInformation
hal
KfReleaseSpinLock
HalMakeBeep
Sections
.text Size: 157KB - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bea0 Size: 436KB - Virtual size: 435KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bea1 Size: 82KB - Virtual size: 81KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ