5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9 | Triage

Submit
Reports

Overview

overview

6

Static

static

5e1e21f19f...e9.dll

windows7-x64

6

5e1e21f19f...e9.dll

windows10-2004-x64

6

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9.dll

Resource

win7-20220901-en

bootkit persistence

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9.dll

Resource

win10v2004-20221111-en

bootkit persistence

windows10-2004-x64

7 signatures

150 seconds

General

Target

5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9
Size

2.5MB
MD5

8e5a651d0b0c4088a4e34ac9091c05d7
SHA1

6033b7c8fb7ebd6176a98d09cd2ee0afa1fe5cb7
SHA256

5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9
SHA512

a47599c15ce45a678e35d6e8b4a486208d867e5e7af4b5d29e2d4d210b51e0f4d3607fd0762fa20bf1b0c9a926fdc26d9253c4a55efae40bb0dc2db0ca9bc376
SSDEEP

49152:tVPOE69onqxGYOP00L1KqQYwH5wfUaqXuY1v:UGqEP00AqQX5XLXuY1v

Score

N/A

Malware Config

Signatures

Files

5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9
.dll windows x86

fdc037aba922ae2a5ad331de216aba29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamRestart

ws2_32

inet_ntoa

kernel32

GetTimeZoneInformation

user32

GetDlgItem

gdi32

LineTo

msimg32

GradientFill

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetIcon

comdlg32

GetOpenFileNameA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 784KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy