1abd61748d9ba96b423e44b7f1ffa4011768addd191e15da3fcbdf693239f800 | Triage

Submit
Reports

Overview

overview

8

Static

static

1abd61748d...00.exe

windows7-x64

8

1abd61748d...00.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1abd61748d9ba96b423e44b7f1ffa4011768addd191e15da3fcbdf693239f800.exe

Resource

win7-20220901-en

bootkit persistence

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

1abd61748d9ba96b423e44b7f1ffa4011768addd191e15da3fcbdf693239f800.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

5 signatures

150 seconds

General

Target

1abd61748d9ba96b423e44b7f1ffa4011768addd191e15da3fcbdf693239f800
Size

332KB
MD5

7cb7b3e3c4e9d4e68ace9069f5f77400
SHA1

edb150c5b6259c193081104b5cfe9ea98020060e
SHA256

1abd61748d9ba96b423e44b7f1ffa4011768addd191e15da3fcbdf693239f800
SHA512

c0c62a554b299bb055f7aea6d246fa03919c9c720132aee42fc082bb0e64020df562ce2e38eca4b72607de4b2cff1f5cc9c4923ed922027b7a63af515e9f2b62
SSDEEP

6144:aIdCTa7OGQc/QkbmbDlvg293WEIpE+AUHZFAqTKiIdGaf1I+3njU9:aIdF7OGQc/QsSIhEe9HjAqTKiPKH3nj2

Score

N/A

Malware Config

Signatures

Files

1abd61748d9ba96b423e44b7f1ffa4011768addd191e15da3fcbdf693239f800
.exe windows x86

3dfe74cb212457c84eb660b874da9093

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcmp
memcpy

kernel32

Heap32Next
Module32First
Sleep
VirtualAlloc
VirtualFree
VirtualProtect
GetProcAddress
LoadLibraryA
CreateFileA
GetEnvironmentVariableW
Heap32First

user32

PostMessageA
SendMessageA

wininet

FtpGetCurrentDirectoryA
InternetConnectA

ole32

CoUninitialize

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy