d00ca3181171c0ae1f7ad5914fdfbdac58bc4f5b2f19e82807ac51f0df61a3a4 | Triage

Submit
Reports

Overview

overview

6

Static

static

d00ca31811...a4.exe

windows7-x64

6

d00ca31811...a4.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d00ca3181171c0ae1f7ad5914fdfbdac58bc4f5b2f19e82807ac51f0df61a3a4.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

d00ca3181171c0ae1f7ad5914fdfbdac58bc4f5b2f19e82807ac51f0df61a3a4.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

4 signatures

150 seconds

General

Target

d00ca3181171c0ae1f7ad5914fdfbdac58bc4f5b2f19e82807ac51f0df61a3a4
Size

225KB
MD5

8891b6856311c6578931a0233281b079
SHA1

5e80c4535a3562141bf59fc12b447d36983b3a06
SHA256

d00ca3181171c0ae1f7ad5914fdfbdac58bc4f5b2f19e82807ac51f0df61a3a4
SHA512

fc05790d869b6e7eab72b13b77fefc516eaa4ee32d4e3dbc64672fbae3ac060d974db72d820ba3a177bfc6379a9743d356bc7bdfd168733bba56ed4a11fce200
SSDEEP

6144:SNyAN/u1PqJUqO6PPZmynXJx9cMJ0ePBUowmLbfR:SNyA/u1SJUqO2PU+5x9cMJ0OUxmLbf

Score

N/A

Malware Config

Signatures

Files

d00ca3181171c0ae1f7ad5914fdfbdac58bc4f5b2f19e82807ac51f0df61a3a4
.exe windows x86

0e8463e669527401af81505bcf0b8663

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
GetCommandLineA
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetVersionExA
GlobalAlloc
GlobalFree
GlobalReAlloc
LoadLibraryA
MultiByteToWideChar
ReadFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile

ole32

CLSIDFromProgID
CoCreateInstance
CoInitialize
CoUninitialize
ProgIDFromCLSID

oleaut32

GetActiveObject
SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy