e6d4e0cb91b99faca6e9f8cf2a80ee69b0b2b4e19bacd3de376cc7dbff584b2a | Triage

Submit
Reports

Overview

overview

8

Static

static

e6d4e0cb91...2a.exe

windows7-x64

8

e6d4e0cb91...2a.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e6d4e0cb91b99faca6e9f8cf2a80ee69b0b2b4e19bacd3de376cc7dbff584b2a.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

e6d4e0cb91b99faca6e9f8cf2a80ee69b0b2b4e19bacd3de376cc7dbff584b2a.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

e6d4e0cb91b99faca6e9f8cf2a80ee69b0b2b4e19bacd3de376cc7dbff584b2a
Size

166KB
MD5

0df6506ab4b89bbc3c56328613078947
SHA1

76147b06c95e00e7d28f05493519cb90e5cad3ff
SHA256

e6d4e0cb91b99faca6e9f8cf2a80ee69b0b2b4e19bacd3de376cc7dbff584b2a
SHA512

9b8edacdbfc55c1bf4b6dbd7cb050e79c5cd49ebfecd6c33b28a5fa8af6dd4895b7bd01832662d2e5b2062b5d08a28ad8d395172ac7324eb45ea7db3daf5b6ef
SSDEEP

3072:3jQB0D+nVL/Ump2HwqiNoyVFwPVEoIplxXBhgOO4PsK/YEHIPKjHjozutgs6N8gF:zMnVLbAiyyHw9O/gOHUL7CjHsSQ8g1

Score

N/A

Malware Config

Signatures

Files

e6d4e0cb91b99faca6e9f8cf2a80ee69b0b2b4e19bacd3de376cc7dbff584b2a
.exe windows x86

5c5c8b0336da62839561175080034a0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaCyVar
__vbaCyErrVar
__vbaBoolVarNull
__vbaAryUnlock
__vbaAryRebase1Var

kernel32

CloseHandle
OpenFileMappingA
FindResourceA
ExitProcess
EnumResourceNamesA

advapi32

LsaEnumerateTrustedDomainsEx
LsaCreateTrustedDomainEx
LsaEnumeratePrivileges

dsound

DirectSoundCaptureEnumerateW
DirectSoundEnumerateW
DirectSoundCaptureCreate8

user32

DrawCaption
LoadIconA
DispatchMessageA
ShowCaret
ShowOwnedPopups
DestroyCaret
CreateIconFromResource
CreateIcon
CharToOemA
wsprintfA
OemToCharW

msvfw32

ord2
ICGetDisplayFormat
DrawDibRealize
DrawDibOpen
DrawDibEnd

Sections

.text
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy