3534526805ea4fafec77e90ca9f11d7a5ec3f47233eb725192994b99354045d0 | Triage

Submit
Reports

Overview

overview

6

Static

static

3534526805...d0.exe

windows7-x64

6

3534526805...d0.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3534526805ea4fafec77e90ca9f11d7a5ec3f47233eb725192994b99354045d0.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

3534526805ea4fafec77e90ca9f11d7a5ec3f47233eb725192994b99354045d0.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

6 signatures

150 seconds

General

Target

3534526805ea4fafec77e90ca9f11d7a5ec3f47233eb725192994b99354045d0
Size

682KB
MD5

38bad9b5c24e1a70079e8f733676a804
SHA1

fd09f239c08fad04c5b713782a09a9e8fcc3aaf8
SHA256

3534526805ea4fafec77e90ca9f11d7a5ec3f47233eb725192994b99354045d0
SHA512

ee522b23b2ac4bef0c0c7fa418acd14fafc46bad551cd4ae71453730bce783b26daa6ec13122ef15b18b4c02e9be7c71d4216f0eac9fd3297f0b2737d4519d79
SSDEEP

12288:L81ISJOiQt90c2KlVKDbHALhxuxpPGAAoi:LcISJO10cRl0khSj

Score

N/A

Malware Config

Signatures

Files

3534526805ea4fafec77e90ca9f11d7a5ec3f47233eb725192994b99354045d0
.exe windows x86

41362d28d86b83592623eebc60729439

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

powrprof

SetActivePwrScheme

pdh

PdhGetFormattedCounterValue

psapi

GetModuleFileNameExA

version

GetFileVersionInfoSizeA

shfolder

SHGetFolderPathA

user32

PostQuitMessage

gdi32

GetViewportExtEx

comdlg32

ChooseColorA

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

DragQueryFileA

comctl32

ImageList_GetIconSize

oledlg

ord8

ole32

CoFreeUnusedLibraries

olepro32

ord253

oleaut32

VarDateFromStr

Sections

.text
Size: 267KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 414KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy