286c208f042d931f7c6b92ab96a0cdfb1030d622e04bd778f148896c58c1307b | Triage

Submit
Reports

Overview

overview

6

Static

static

286c208f04...7b.exe

windows7-x64

6

286c208f04...7b.exe

windows10-2004-x64

6

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

286c208f042d931f7c6b92ab96a0cdfb1030d622e04bd778f148896c58c1307b.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

286c208f042d931f7c6b92ab96a0cdfb1030d622e04bd778f148896c58c1307b.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

286c208f042d931f7c6b92ab96a0cdfb1030d622e04bd778f148896c58c1307b
Size

183KB
MD5

60624020a4f1ed2db200d5045bf20686
SHA1

f35f3863f62e4339d02bb20468e7e8db25d70ce0
SHA256

286c208f042d931f7c6b92ab96a0cdfb1030d622e04bd778f148896c58c1307b
SHA512

38af8d7cecf1d46cf06a1b8ecf40953dcbef7e0c79875175b1459f818e6aa58dc2f14e23be5c146fb5f16df2715c4eee2af53da4d028697b16376abb233c8842
SSDEEP

3072:pJ0K+MdtfD6IR6NG67f+Q6ogHdZpxQkmovGqx8TEnd7sjBIIotIMKV:pJ0TuINf+EgZxvmoOqaSI+IotOV

Score

N/A

Malware Config

Signatures

Files

286c208f042d931f7c6b92ab96a0cdfb1030d622e04bd778f148896c58c1307b
.exe windows x86

2837a1d6a148f1ec86e0b155d838a072

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsDialogMessageA
InSendMessageEx
SetScrollPos
GetKeyNameTextW
GetDesktopWindow
GetWindow
RegisterClassExA
GetMenuStringW
GetClipCursor
MapVirtualKeyA
GetParent
SetSysColors

ntdll

_aullrem

kernel32

WaitForSingleObjectEx
lstrlenW
GetStringTypeExW
LoadLibraryExW
EnumResourceNamesA
GetFileTime
GetModuleHandleW
lstrlenA
CompareStringW
CreateSemaphoreA
GetFullPathNameA
SuspendThread

gdi32

GetDeviceCaps
SetROP2
BitBlt
StretchDIBits
EnumFontFamiliesExW
StretchBlt
SetPixel
ExtTextOutA

Exports

Exports

?peoziuJpycn@@YGHPA_N@Z
?tefToSwqKMuDTjh@@YGMDPA_N@Z
?pdWwhKcuPyk@@YGKDN@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.new
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy