f5508c57f116baf22d0e1a8114d85797565f09571103a3af1cc12b3ce790364e | Triage

Submit
Reports

Overview

overview

7

Static

static

f5508c57f1...4e.dll

windows7-x64

7

f5508c57f1...4e.dll

windows10-2004-x64

7

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

f5508c57f116baf22d0e1a8114d85797565f09571103a3af1cc12b3ce790364e.dll

Resource

win7-20220812-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

f5508c57f116baf22d0e1a8114d85797565f09571103a3af1cc12b3ce790364e.dll

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

13 signatures

150 seconds

General

Target

f5508c57f116baf22d0e1a8114d85797565f09571103a3af1cc12b3ce790364e
Size

371KB
MD5

61b6d64f7ca14f2bba31c68f10c3cd20
SHA1

2b792503db2cbca825c9a782fff9728a3d080e13
SHA256

f5508c57f116baf22d0e1a8114d85797565f09571103a3af1cc12b3ce790364e
SHA512

4b96c66705b9867f7872b1720fa09c35eebf744148663e1a3540bf6d371c6c5219f7d8554527330df7d24a8571c1b7c98a9ee55bf7cc42224668c3439e85d96a
SSDEEP

6144:4cTsPrjFXNlkArqecU3KmeBKahiom7EIrIczmyHfsip+rGf8xxrKDRwv2o7:4cTs99jKUheBKah2EOX/FktKE2G

Score

N/A

Malware Config

Signatures

Files

f5508c57f116baf22d0e1a8114d85797565f09571103a3af1cc12b3ce790364e
.dll windows x86

8d0453c5aa8fcfb5c5867fc0ecf09a8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameW
ReadConsoleOutputCharacterW
IsDBCSLeadByte
RemoveDirectoryW
CopyFileW
GetSystemDirectoryA
OutputDebugStringA
GetStartupInfoA
GetFullPathNameW
GetDefaultCommConfigA

Exports

Exports

AOCMA
BeNot
CheckingIsOSIn
FreshXIsWindows
InstallationComponentsWasOfNot
InstallingInfo
IsInstallSuccessfully
KeyInfoFor
MSMQIs
NotFlagsInfo
OSMSMQNot
OpenedSupportedOpenedRegistryIs
ToBeAssumed

Sections

.text
Size: 271KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy