ba3578e2b493c3ff3c514ace6d189a497a7c1151762461999720c29b95a351c9 | Triage

Submit
Reports

Overview

overview

8

Static

static

ba3578e2b4...c9.exe

windows7-x64

ba3578e2b4...c9.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ba3578e2b493c3ff3c514ace6d189a497a7c1151762461999720c29b95a351c9.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba3578e2b493c3ff3c514ace6d189a497a7c1151762461999720c29b95a351c9.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

6 signatures

150 seconds

General

Target

ba3578e2b493c3ff3c514ace6d189a497a7c1151762461999720c29b95a351c9
Size

20KB
MD5

6b02f1f0e2a9948fe556bf7be2085dd0
SHA1

c924dde7b56ad57b5986cb6a85269a8eaa542b6d
SHA256

ba3578e2b493c3ff3c514ace6d189a497a7c1151762461999720c29b95a351c9
SHA512

65a8830bf09583bfb784456a0adcfea43d3f9349ee4c9abfbfeba0f8c5eb0a6a3a38e5876525b1a5adea0ea03b4d9637e53d4d66af340df5af8be05b096cba92
SSDEEP

384:w6GC+vdRbC0th8fvXbEDBC2X+snADbsqcEWHQ0wWfN:wtnvdRWdgDBC2XooqM

Score

N/A

Malware Config

Signatures

Files

ba3578e2b493c3ff3c514ace6d189a497a7c1151762461999720c29b95a351c9
.exe windows x86

3cb71d50ca2d9dfd5146ec8e10eae6c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageW

setupapi

SetupDiGetClassInstallParamsW
SetupDiOpenClassRegKeyExW
SetupDiGetDeviceInfoListDetailW
SetupDiSetClassInstallParamsW
SetupDiCreateDevRegKeyW
CM_Get_Device_ID_ExW

msvcrt

wcscpy
_adjust_fdiv
exit
_wtoi64
_chdir
malloc
_beep
_wcsnicmp
free
_initterm
_beginthread

crypt32

I_CryptGetTls

ole32

CoCreateInstance
CoSetProxyBlanket

user32

wsprintfW
GetDlgItem
LoadStringW
ShowWindow
SetWindowLongW
MessageBoxW
GetSysColor
SendMessageW
GetSysColorBrush
GetDlgCtrlID
EnableWindow
GetWindowLongW

dbghelp

MapDebugInformation

kernel32

GetLastError
VirtualAlloc

ws2_32

WSAGetLastError

advapi32

RegCloseKey
RegQueryValueExW

gdi32

SetBkColor

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy