Ls_Droid_v1[.]1[.]9[.]0[.]exe | Triage

Submit
Reports

Overview

overview

9

Static

static

Ls_Droid_v1.1.9.0.exe

windows7_x64

9

Ls_Droid_v1.1.9.0.exe

windows10-2004_x64

9

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Ls_Droid_v1.1.9.0.exe

Resource

win7-20220414-en

bootkit evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Ls_Droid_v1.1.9.0.exe

Resource

win10v2004-20220414-en

bootkit evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

Ls_Droid_v1.1.9.0.exe
Size

18.9MB
MD5

a1459b6cd648d10da05707b69166d2f6
SHA1

e931f9543b81855cfb5f062fbf7f3328510392d1
SHA256

87ee5870a5c7a37b2a0b77e3394f02ff7563f7e7c0ed1a42c6b1bb5ea5e04d59
SHA512

c0e3b7890a046d9e71d0304f221afa37d2546d10ef9556f4c94b3d302adf56adb569d069797380c5e08ba8ffc0d26da600aa34f6aaf450f6196d19af6bc81e56
SSDEEP

393216:K2TZGNedccfAcSZ2wYHyBxUZ7os4TVYmHJ5vT9qgdoq1Vv:K2VGxwLSZ/aoskZHJ5vTcgdomv

Score

N/A

Malware Config

Signatures

Files

Ls_Droid_v1.1.9.0.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 15.2MB - Virtual size: 40.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 24KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.winlice
Size: - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy