06df8ef67df87ad435d74b7588da0b51 | Triage

Submit
Reports

Overview

overview

8

Static

static

06df8ef67d...51.exe

windows7-x64

8

06df8ef67d...51.exe

windows10-2004-x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

06df8ef67df87ad435d74b7588da0b51.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

06df8ef67df87ad435d74b7588da0b51.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

9 signatures

150 seconds

General

Target

06df8ef67df87ad435d74b7588da0b51
Size

3.0MB
MD5

06df8ef67df87ad435d74b7588da0b51
SHA1

36b3e6595f73f94351597416846dc8079a259524
SHA256

1553da4a72f6b317c8b534406aa9e6b22c853ebfe90666a756499e6e7a69d8be
SHA512

c8644e6f36b6e408ec3e359dc37a2bc766a499ab01978900d3deb923aa42f3b9c07952d12dc6ef63942e6d1d04b29aff698968782dd8e9e65f8b24925510cb49
SSDEEP

49152:9LMz6noAioeblxJkDuPnD5J53kuavUsxy3TteDEc3MXTpGE09tqtGPg8UMe:y/X5lPD5JlDgyTAEbD0/qII8UMe

Score

N/A

Malware Config

Signatures

Files

06df8ef67df87ad435d74b7588da0b51
.exe windows x86

f43df43b3f947cd138bbdd288499e0d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

wsock32

send

version

VerQueryValueW

winmm

timeGetTime

comctl32

ImageList_Remove

mpr

WNetUseConnectionW

wininet

FtpOpenFileW

psapi

GetProcessMemoryInfo

iphlpapi

IcmpSendEcho

userenv

LoadUserProfileW

uxtheme

IsThemeActive

user32

GetDC

gdi32

LineTo

comdlg32

GetOpenFileNameW

advapi32

GetAce

shell32

DragFinish

ole32

CoGetObject

oleaut32

LoadTypeLibEx

Sections

.MPRESS1
Size: 1.5MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy