Windows Analysis Report
ereborlugimli.sys

Overview

General Information

Sample name: ereborlugimli.sys
Analysis ID: 1431620
MD5: eebfa46f56e02488c933c3d6f289c7c2
SHA1: d3cc699a04936324ab29a31a283ea309a10ab27a
SHA256: bcbb40015ac5a9fa84232be932a12c0f37c7b482af434eb092f4b25fae706da9
Errors
  • No process behavior to analyse as no analysis process or sample was found
  • Corrupt sample or wrongly selected analyzer. Details: unsuccessful

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

PE / OLE file has an invalid certificate

Classification

Source: ereborlugimli.sys Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF
PE / OLE file has an invalid certificate
Source: ereborlugimli.sys Static PE information: invalid certificate
Source: classification engine Classification label: unknown0.winSYS@0/0@0/0
Source: ereborlugimli.sys Static PE information: Image base 0x140000000 > 0x60000000
Source: ereborlugimli.sys Static PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, GUARD_CF
Source: ereborlugimli.sys Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
windows-stand

No Behavior Graph

No contacted IP infos