d02b90b651e810d0dd5ef13ba0c66263ea27ed90e761f05a99bd82bc5befd431 | Triage

Submit
Reports

Overview

overview

6

Static

static

HP优盘�...��.exe

windows7-x64

6

HP优盘�...��.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

HP优盘启动盘格式化工具.exe

Resource

win7-20220901-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

HP优盘启动盘格式化工具.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

d02b90b651e810d0dd5ef13ba0c66263ea27ed90e761f05a99bd82bc5befd431
Size

328KB
MD5

5048ead418641c2040a15b465b913073
SHA1

64d474a35378f2243d7ce6b68853409c78d54479
SHA256

d02b90b651e810d0dd5ef13ba0c66263ea27ed90e761f05a99bd82bc5befd431
SHA512

c94f3e2a3961cc9d4561e5fece15949f1cb5dc584071c7b762b1e0485799bab9859854551bbc2441e9f9361c5db350ee89753d0581265530198e0bb34895a7cd
SSDEEP

6144:vLTXKQPNhvSdESh80OLIU7YpLtXGzqab5YHO9md7NPs0C/vmgOzYTnjUg2Td+By4:vXFhsEg80OIsYpLtXWqDHOW7q0C/vN4K

Score

N/A

Malware Config

Signatures

Files

d02b90b651e810d0dd5ef13ba0c66263ea27ed90e761f05a99bd82bc5befd431
.rar
HP优盘启动盘格式化工具.EXE
.exe windows x86

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess

user32

MessageBoxA

Sections

.text
Size: 32KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SharedD
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.perplex
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy