13b87ee26d23bb310d82b436f9fbaecae45b585985594c952693ed96ba40180b | Triage

Submit
Reports

Overview

overview

9

Static

static

13b87ee26d...0b.exe

windows7-x64

9

13b87ee26d...0b.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

13b87ee26d23bb310d82b436f9fbaecae45b585985594c952693ed96ba40180b.exe

Resource

win7-20220901-en

bootkit persistence upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

13b87ee26d23bb310d82b436f9fbaecae45b585985594c952693ed96ba40180b.exe

Resource

win10v2004-20220812-en

bootkit persistence upx

windows10-2004-x64

7 signatures

150 seconds

General

Target

13b87ee26d23bb310d82b436f9fbaecae45b585985594c952693ed96ba40180b
Size

3.2MB
MD5

591805d15fcc01b91911d5e47741ad7f
SHA1

07277236bde0c381ddc597346e86801271778939
SHA256

13b87ee26d23bb310d82b436f9fbaecae45b585985594c952693ed96ba40180b
SHA512

d1b1875fc962a3cf53257ea5ca4ffd25996dd0e56f40592f9325e94ae22725b5a6ef26e39b93f6446342c7f431d4d99337a1978c4151dd6be471b33b972f111e
SSDEEP

98304:+Ke9/AEAy4U80HysY89YFB10rw0RI86XPhp:nCzB9Pq8Miw0RILf

Score

N/A

Malware Config

Signatures

Files

13b87ee26d23bb310d82b436f9fbaecae45b585985594c952693ed96ba40180b
.exe windows x86

d8fd8ed016edd15ded1e19659e38fe73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

winmm

midiStreamRestart

ws2_32

WSACleanup

kernel32

GetFileType

user32

GetDlgItem

gdi32

LineTo

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

DragQueryFileA

ole32

OleRun

oleaut32

SafeArrayAccessData

comctl32

ord17

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 2.2MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy