317d74029648fa6fbce7608d442f5850df99996481c42db42028996b0fcf3ba7 | Triage

Submit
Reports

Overview

overview

6

Static

static

317d740296...a7.exe

windows7-x64

6

317d740296...a7.exe

windows10-2004-x64

6

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

317d74029648fa6fbce7608d442f5850df99996481c42db42028996b0fcf3ba7.exe

Resource

win7-20220901-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

317d74029648fa6fbce7608d442f5850df99996481c42db42028996b0fcf3ba7.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

317d74029648fa6fbce7608d442f5850df99996481c42db42028996b0fcf3ba7
Size

186KB
MD5

63e2ecb57bd1d2405a0bb8a9f20d6cae
SHA1

a72c8f08c6fb19222078bc57539c2b3d98922995
SHA256

317d74029648fa6fbce7608d442f5850df99996481c42db42028996b0fcf3ba7
SHA512

717690c72810dead0570102f597e408b236f9e629cc1a7ba5b186686106704a4be97114168846763f202e47cf665708964b6adb9ec9f4bfe937a0771a2408a0d
SSDEEP

3072:XkkpttCl/R/+Tjkd/fY0IAjjPLOtEJL0NTqKrclkFnnJRWVTZfEZ9kndj641ZaX:UkdClp/SE/A05PL6EJL0CktJ4VTZlJ4

Score

N/A

Malware Config

Signatures

Files

317d74029648fa6fbce7608d442f5850df99996481c42db42028996b0fcf3ba7
.exe windows x86

9a915d25d0434b282125020f2eac9d89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetSystemTime
SetErrorMode
CreateFileW
lstrlenW
SetWaitableTimer
LCMapStringA
WriteFile
WinExec
FindResourceExW
IsValidLanguageGroup
FlushViewOfFile
LocalReAlloc
FreeResource
SetPriorityClass

user32

GetWindowTextW
DefFrameProcW
SetMenuItemInfoW
DispatchMessageA
LoadMenuA
IsCharUpperA
SetActiveWindow
DrawFocusRect
LoadBitmapA
GetFocus
LoadImageW
EndDialog
SetTimer
ShowWindowAsync

gdi32

CreateDIBSection
GetTextAlign
GetClipBox
SetROP2
GetDeviceCaps
EnumFontFamiliesW
GetNearestColor
CreateDiscardableBitmap
GetTextFaceW

shlwapi

PathIsDirectoryA
StrIsIntlEqualW

ntdll

_aullrem

Exports

Exports

?bhysvhuBtFjrthPoLo@@YGFK@Z
?vdxjxroeCHvMGv@@YGEMH@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy