38e5e385f8cd6860791268a6d3d761180d29b73a3330f052d286d42f1f576dc6 | Triage

Submit
Reports

Overview

overview

8

Static

static

38e5e385f8...c6.exe

windows7-x64

38e5e385f8...c6.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

38e5e385f8cd6860791268a6d3d761180d29b73a3330f052d286d42f1f576dc6.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

38e5e385f8cd6860791268a6d3d761180d29b73a3330f052d286d42f1f576dc6.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

6 signatures

150 seconds

General

Target

38e5e385f8cd6860791268a6d3d761180d29b73a3330f052d286d42f1f576dc6
Size

20KB
MD5

a208eec6a89cb461545ee0dcde666410
SHA1

4f9236cea6f7e8325f695c741cb699c8f5fe1dbc
SHA256

38e5e385f8cd6860791268a6d3d761180d29b73a3330f052d286d42f1f576dc6
SHA512

76c4f63d87517d0f50574a7f495d6f980ef66654dd7238ee6cd26e80d0ff7e14c17e0f4e0adb352873d089b78b04ac1313cbdaf6a4f5ad00ac4f0d4774fc7378
SSDEEP

384:FZZ4mhtYq1tldPoTByJmvz3Mtwc2aPnnHYM4TIqMJl8LmekXkH:Z4m8qb2YILe/HYOtJeLmeckH

Score

N/A

Malware Config

Signatures

Files

38e5e385f8cd6860791268a6d3d761180d29b73a3330f052d286d42f1f576dc6
.exe windows x86

afbdf55048be2724432c3c0fd63e0569

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError

ole32

CoSetProxyBlanket
CoCreateInstance

kernel32

GetLastError
VirtualAlloc

advapi32

RegQueryValueExW
RegCloseKey

setupapi

SetupDiSetClassInstallParamsW
SetupDiOpenClassRegKeyExW
SetupDiCreateDevRegKeyW
CM_Get_Device_ID_ExW
SetupDiGetClassInstallParamsW
SetupDiGetDeviceInfoListDetailW

gdi32

SetBkColor

dbghelp

MapDebugInformation

msvcrt

_wcsnicmp
wcsncpy
_chdir
_beep
_beginthread
exit
wcslen
wcscat
wcscpy
iswctype
_wtoi64

comctl32

CreatePropertySheetPageW

user32

EnableWindow
ShowWindow
GetDlgItem
SendMessageW
SetWindowLongW
GetSysColor
wsprintfW
GetDlgCtrlID
GetWindowLongW
MessageBoxW
GetSysColorBrush
LoadStringW

crypt32

I_CryptGetTls

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy