0ff33e4cbf2cf3f8093c9f702a6e506766477a8e78ac9125416747215a15c793 | Triage

Submit
Reports

Overview

overview

7

Static

static

0ff33e4cbf...93.exe

windows7_x64

7

0ff33e4cbf...93.exe

windows10-2004_x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

0ff33e4cbf2cf3f8093c9f702a6e506766477a8e78ac9125416747215a15c793.exe

Resource

win7-20220414-en

bootkit evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0ff33e4cbf2cf3f8093c9f702a6e506766477a8e78ac9125416747215a15c793.exe

Resource

win10v2004-20220414-en

bootkit evasion persistence

windows10-2004_x64

0 signatures

0 seconds

General

Target

0ff33e4cbf2cf3f8093c9f702a6e506766477a8e78ac9125416747215a15c793
Size

1.5MB
MD5

67bfea86c243e8501123085e51d7d5e7
SHA1

af4571a5feb50748b77b849cac71133df7cf39e4
SHA256

0ff33e4cbf2cf3f8093c9f702a6e506766477a8e78ac9125416747215a15c793
SHA512

f4dfbe3c74cc60c56a7a37b38edba000366e0b0830b5b6359652f3f9947268a1258a65449f9c0b85545a90761ae5df21a22041d1ce05a1443c2578329cacf159
SSDEEP

49152:erKu0x1zRApG+97kxutoOxfybkTtTpX5tD9PoP:ESxRcG+RPVxf7979A

Score

N/A

Malware Config

Signatures

Files

0ff33e4cbf2cf3f8093c9f702a6e506766477a8e78ac9125416747215a15c793
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 605KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 146KB - Virtual size: 678KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

udfrbdxf
Size: 819KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

prdvsvsl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy