9e1e757c3b1207977179c0112f24f10178ce2d81ba6ae73a108ba26313b80153 | Triage

Submit
Reports

Overview

overview

6

Static

static

9e1e757c3b...53.exe

windows7-x64

6

9e1e757c3b...53.exe

windows10-2004-x64

5

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9e1e757c3b1207977179c0112f24f10178ce2d81ba6ae73a108ba26313b80153.exe

Resource

win7-20220901-en

bootkit persistence

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

9e1e757c3b1207977179c0112f24f10178ce2d81ba6ae73a108ba26313b80153.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

150 seconds

General

Target

9e1e757c3b1207977179c0112f24f10178ce2d81ba6ae73a108ba26313b80153
Size

8.9MB
MD5

3f714bd57be7fb67d01a12d2c16000db
SHA1

e080427af54b1842a7db0b255dbad7596e48aa49
SHA256

9e1e757c3b1207977179c0112f24f10178ce2d81ba6ae73a108ba26313b80153
SHA512

9936e11d70a8c493bd1366be0769cf69e5710f171b64984d8b9ad7db7f948b59360ecb84b4644ced34fb9081b5a0de6d4c28d9e33da16da35acc15e54e9d3154
SSDEEP

196608:dRmyycCNAYH3Bg4hEvfaju3cyO3JOFR2ilvFJNm:dRmy+A43+4wfajUcyVFRJvlm

Score

N/A

Malware Config

Signatures

Files

9e1e757c3b1207977179c0112f24f10178ce2d81ba6ae73a108ba26313b80153
.exe windows x86

b6700005c3fff6a5ffd2a2c934cec750

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut

ws2_32

closesocket

rasapi32

RasHangUpA

kernel32

QueryPerformanceFrequency

user32

ChildWindowFromPointEx

gdi32

GetViewportExtEx

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueExA

shell32

SHGetSpecialFolderPathA

ole32

CLSIDFromProgID

oleaut32

VariantChangeType

comctl32

ImageList_Add

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 8.2MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 736KB - Virtual size: 736KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy