003e1b86ebf3a06af5bc9b589a30c12b4f25c67ab6221519ad8e022daf010bd5 | Triage

Submit
Reports

Overview

overview

6

Static

static

003e1b86eb...d5.exe

windows7-x64

6

003e1b86eb...d5.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

003e1b86ebf3a06af5bc9b589a30c12b4f25c67ab6221519ad8e022daf010bd5.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

003e1b86ebf3a06af5bc9b589a30c12b4f25c67ab6221519ad8e022daf010bd5.exe

Resource

win10v2004-20220901-en

bootkit persistence

windows10-2004-x64

1 signatures

150 seconds

General

Target

003e1b86ebf3a06af5bc9b589a30c12b4f25c67ab6221519ad8e022daf010bd5
Size

304KB
MD5

711d24cc11315a2a97b2893d7fcdc570
SHA1

32f9afe1a5f9ab39174b031d17cd539295281688
SHA256

003e1b86ebf3a06af5bc9b589a30c12b4f25c67ab6221519ad8e022daf010bd5
SHA512

650cab86e0c3298bcc58560f5d98dc22f8c7e7b83a72f6efea9261fa31d5dcbf579452ec332e635ac25944fd9f24ee8df356b70c4db8f4cc02079128144c8960
SSDEEP

6144:lkMJexgMVuH0OAvgHQw32c/59DcT7Z+nlc919CM7uN/4VK/8ydQ:lkMMxgiuUOAv033XXUF+2H9CBuKld

Score

N/A

Malware Config

Signatures

Files

003e1b86ebf3a06af5bc9b589a30c12b4f25c67ab6221519ad8e022daf010bd5
.exe windows x86

8d7a7d9c0cb2dba3b91baced37a515ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

DrvGetModuleHandle
CloseDriver
timeGetTime

shlwapi

SHQueryValueExA
SHCopyKeyW
SHDeleteValueA
SHEnumKeyExW

user32

wsprintfA

advapi32

GetUserNameA
RegCloseKey

kernel32

GetProcessHeap
HeapAlloc
ReleaseMutex
HeapFree
IsValidCodePage
GlobalAlloc
GetStdHandle
GetProcessVersion
IsValidLocale
CompareStringA
GetSystemDirectoryA
GetCurrentDirectoryW
GetWindowsDirectoryA
GetDriveTypeA
SetCurrentDirectoryA
GetFileAttributesA
CallNamedPipeA
CancelIo
GetModuleHandleA
DisconnectNamedPipe
GetExitCodeProcess
GetModuleFileNameA

msvcrt

malloc
free

version

GetFileVersionInfoA

ole32

OleUninitialize

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.udata
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy