3a61e234ba93ea14a976c3664d0d5bd922c15f34365f139a0e7644ed983a4f5b | Triage

Submit
Reports

Overview

overview

Static

static

3a61e234ba...5b.exe

windows7_x64

3a61e234ba...5b.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

3a61e234ba93ea14a976c3664d0d5bd922c15f34365f139a0e7644ed983a4f5b.exe

Resource

win7-20220414-en

echelon bootkit collection discovery evasion persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3a61e234ba93ea14a976c3664d0d5bd922c15f34365f139a0e7644ed983a4f5b.exe

Resource

win10v2004-20220414-en

echelon bootkit collection evasion persistence spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

3a61e234ba93ea14a976c3664d0d5bd922c15f34365f139a0e7644ed983a4f5b
Size

3.9MB
MD5

ed97eae657fb64e41b66be70ef77c9a9
SHA1

04e771a749ce2a593130b7e5663fa2a85157e9a0
SHA256

3a61e234ba93ea14a976c3664d0d5bd922c15f34365f139a0e7644ed983a4f5b
SHA512

339563dc9ab3a92e3c253e1be1acb25af982e9783519bbb50f3f260f1cd6e79d71aff855d47fa523318b720bdece4db3e61ce68132155eb9bf75b7045dac74ab
SSDEEP

98304:xE6N+phy8SXfBdpCn1q1f/GXFqfbP9QVewunozXRT5md/0zEcwv:WyJr2FqDP9QVewlBT54/0zLwv

Score

N/A

Malware Config

Signatures

Files

3a61e234ba93ea14a976c3664d0d5bd922c15f34365f139a0e7644ed983a4f5b
.exe windows x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

kernel32

lstrcpy

Sections

Size: 421KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

znanmefi
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gdbpqkfm
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy