fc1b4aaa8e1a576f8c70386047b310430497d1988c4f4e8972b0e17f9b4bcbb7 | Triage

Submit
Reports

Overview

overview

6

Static

static

fc1b4aaa8e...b7.exe

windows7-x64

6

fc1b4aaa8e...b7.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

fc1b4aaa8e1a576f8c70386047b310430497d1988c4f4e8972b0e17f9b4bcbb7.exe

Resource

win7-20220901-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc1b4aaa8e1a576f8c70386047b310430497d1988c4f4e8972b0e17f9b4bcbb7.exe

Resource

win10v2004-20220901-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

fc1b4aaa8e1a576f8c70386047b310430497d1988c4f4e8972b0e17f9b4bcbb7
Size

171KB
MD5

3afe90489302d7d9fb5067d02c6819b7
SHA1

cc2daa58b0538c1bbf2b6efdd8e1db70a4b535a1
SHA256

fc1b4aaa8e1a576f8c70386047b310430497d1988c4f4e8972b0e17f9b4bcbb7
SHA512

f4cc688ed623a0eb6c2a07a9e67cc0176eedbd06ec85ebeb11fc730dafe9e1620ab2234d1c9f77db2106f24dcfbf020c9d1ad29973c26bfe6ae24cb4051263be
SSDEEP

3072:2wA+o5wfaBJh+cowuoUaA2wLetOkoJU3d9m9xBnukVKiufHvZC:PnorUFRodoL6Okomm9xBH/A

Score

N/A

Malware Config

Signatures

Files

fc1b4aaa8e1a576f8c70386047b310430497d1988c4f4e8972b0e17f9b4bcbb7
.exe windows x86

3e2b6c1b837e3b261ba4a55256b03af5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_strlwr

kernel32

HeapValidate
WaitForMultipleObjects
ExitProcess
GetShortPathNameA
GetACP
IsBadReadPtr
GetCommState

shlwapi

StrCmpNIA
PathMatchSpecA
PathCommonPrefixW
StrSpnA
PathStripToRootA

user32

InSendMessage
GetMenuItemID
SwitchToThisWindow
GetKeyState
CharUpperBuffA
FindWindowW
GetScrollPos
GetMessagePos
DialogBoxParamA
CreateCaret
GetKeyboardLayoutNameW
OpenInputDesktop
MessageBoxA
IsCharLowerA

comdlg32

FindTextW
GetSaveFileNameW
GetFileTitleW
GetOpenFileNameW

gdi32

LineDDA
SetDIBitsToDevice
CreatePatternBrush
GetTextCharsetInfo
GetTextExtentPointW
BeginPath

Exports

Exports

?zhupqvIrsXceM@@YGEPAJH@Z
?ckAdmvn@@YGHFI@Z
?gpvfupcfpftKQUyj@@YGXK@Z
?qmWzatFU@@YGPAHM@Z

Sections

.itext
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 139KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy