398c15b5704960ceab774b8596b916656a3ff3b7428177ce9925254b8295fd56 | Triage

Submit
Reports

Overview

overview

Static

static

398c15b570...56.exe

windows7-x64

398c15b570...56.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

398c15b5704960ceab774b8596b916656a3ff3b7428177ce9925254b8295fd56.exe

Resource

win7-20220901-en

sality backdoor bootkit evasion persistence trojan upx

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

398c15b5704960ceab774b8596b916656a3ff3b7428177ce9925254b8295fd56.exe

Resource

win10v2004-20220901-en

sality backdoor bootkit evasion persistence trojan upx

windows10-2004-x64

17 signatures

150 seconds

General

Target

398c15b5704960ceab774b8596b916656a3ff3b7428177ce9925254b8295fd56
Size

1.0MB
MD5

803d3f4ce39deec705e908710514c93c
SHA1

865494e066946d98eed6683afea6768fb469d870
SHA256

398c15b5704960ceab774b8596b916656a3ff3b7428177ce9925254b8295fd56
SHA512

fa79e47e8ba928acdb18f31be302f9e2ca7b061bc9a03417f503a5e5b6cff83436c1ad29263b338daf753a1bd7767a1815f6d34f34ca4f9d2030f14eb1cc0d48
SSDEEP

24576:OgUHbX5ZiqwgextduqxI+x5MXFq+eOuz06xD:OPHb7iqwhJBxP+3uzDD

Score

N/A

Malware Config

Signatures

Files

398c15b5704960ceab774b8596b916656a3ff3b7428177ce9925254b8295fd56
.exe windows x86

5d8835e315767e00b2cb5a5810ebadb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy
SetErrorMode

wsock32

setsockopt

user32

TabbedTextOutA

gdi32

StretchBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoTaskMemAlloc

olepro32

ord253

oleaut32

SysFreeString

Sections

Size: 160KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fokxwtef
Size: 812KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ckcoabln
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy