c9e3484b2cc370231b69829fdc2641d712b4459955d7e7ba43fbdb4cfae8d5c3 | Triage

Submit
Reports

Overview

overview

6

Static

static

c9e3484b2c...c3.dll

windows7-x64

6

c9e3484b2c...c3.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c9e3484b2cc370231b69829fdc2641d712b4459955d7e7ba43fbdb4cfae8d5c3.dll

Resource

win7-20220901-en

bootkit discovery persistence

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c9e3484b2cc370231b69829fdc2641d712b4459955d7e7ba43fbdb4cfae8d5c3.dll

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c9e3484b2cc370231b69829fdc2641d712b4459955d7e7ba43fbdb4cfae8d5c3
Size

58KB
MD5

9653b0411a4c4526bc9ca06c7a55541e
SHA1

9c1a87090984b8b813502d8b084b7e35de6bc474
SHA256

c9e3484b2cc370231b69829fdc2641d712b4459955d7e7ba43fbdb4cfae8d5c3
SHA512

f5705a02ed85c07102253e8990995a5b5e8795290a26fdba47461591dca30e64631c15029bae67f5a615491aac5567178863228b7008a846c1fbad679aa68fd4
SSDEEP

1536:fLHIj5K10RwVQW/XJRQFjQ6WI+MIzwhNREYKjb:fLHQcG2pRRQixI1RlKjb

Score

N/A

Malware Config

Signatures

Files

c9e3484b2cc370231b69829fdc2641d712b4459955d7e7ba43fbdb4cfae8d5c3
.dll windows x86

95f44b6a1f284e846c47d1648f742161

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
HeapDestroy
OpenEventW
FindResourceExW
FindResourceW
Beep
HeapAlloc
GetProcessHeap
HeapFree
SetFilePointerEx
SetLastError
ExitProcess

rpcrt4

RpcEpUnregister
RpcEpRegisterW
RpcStringBindingParseW
RpcBindingToStringBindingW
RpcBindingVectorFree

crypt32

CryptProtectData

Exports

Exports

bhrbuswa

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 986B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy