f8790e70378469d76d28d78f894a4e41a2e73bdd98e0adc9d167d6be05124c69 | Triage

Submit
Reports

Overview

overview

6

Static

static

f8790e7037...69.dll

windows7-x64

6

f8790e7037...69.dll

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f8790e70378469d76d28d78f894a4e41a2e73bdd98e0adc9d167d6be05124c69.dll

Resource

win7-20220812-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

f8790e70378469d76d28d78f894a4e41a2e73bdd98e0adc9d167d6be05124c69.dll

Resource

win10v2004-20220901-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

f8790e70378469d76d28d78f894a4e41a2e73bdd98e0adc9d167d6be05124c69
Size

207KB
MD5

5d62d6f309ea73c542046b7eb53d18ee
SHA1

5fb086651d3d6c5ba10f354902a1bbe69fe91357
SHA256

f8790e70378469d76d28d78f894a4e41a2e73bdd98e0adc9d167d6be05124c69
SHA512

ee0c5b42ae61e5c95827f7a0a86061539701fd18f878f7473dd162d569c0a95d6dfdb881f36f1994eef007f18f35471bc0d10037fdc3670b67fd48757522d1a5
SSDEEP

3072:mJUdIC8IPuJ4Lx92RgLi7TyrgSkQxAEr3jfobGntZrAW80AK9jgXor4cFjbH509n:mJ+jx9i/eCQ3rXZ0W80FVrvnZvg

Score

N/A

Malware Config

Signatures

Files

f8790e70378469d76d28d78f894a4e41a2e73bdd98e0adc9d167d6be05124c69
.dll windows x86

c6788364623dc62aabc22d1f05e56bd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

ole32

CoTaskMemFree

wininet

InternetCrackUrlA

urlmon

URLDownloadToFileA

user32

AdjustWindowRectEx

gdi32

CreateSolidBrush

advapi32

InitializeSecurityDescriptor

oleaut32

VarUI4FromStr

Exports

Exports

Always
ConfigCast
GetPlayerVersion
HaahSBd
IJHEHd
PlayA
PrioritSetAd
PutAdSpecial
PutAdsware
SetAdrkOn
StandupYoured
UPAdInfo
adee
jlkjde
plkeAq
sasa

Sections

.text
Size: 164KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy