c7c8b7bd3f0223cd7d05451bd30b4cc6422a1c97261717d69d69b9f49527a98e | Triage

Submit
Reports

Overview

overview

9

Static

static

cf_ս�...Ts.exe

windows7-x64

9

cf_ս�...Ts.exe

windows10-2004-x64

9

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

cf_սڲTs.exe

Resource

win7-20220812-en

bootkit evasion persistence

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

cf_սڲTs.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral3

Sample

新云软件.url

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

新云软件.url

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

c7c8b7bd3f0223cd7d05451bd30b4cc6422a1c97261717d69d69b9f49527a98e
Size

2.5MB
MD5

f8eb041f881e0951801010ec7f9ad7fb
SHA1

979b7757c1b335cbb41b2cdcec05d562de054c1e
SHA256

c7c8b7bd3f0223cd7d05451bd30b4cc6422a1c97261717d69d69b9f49527a98e
SHA512

e301dfb02dfe4c7fd21bcdb232758d0dde7aaafc10444a8d2aa85de83f2940117c74657b38a941d24a9f15209d5d668b4cfc749a4b3d6432f67e7c2b7c21cf55
SSDEEP

49152:gfg810bWAKM8gi8lEdz7UR73+qBeIl2FWvMwyj9tRpaSfX/3ol+DYTv+Ltmib:gf30+M8gXlEdz7yNBeIlLdW9trnP/YcT

Score

N/A

Malware Config

Signatures

Files

c7c8b7bd3f0223cd7d05451bd30b4cc6422a1c97261717d69d69b9f49527a98e
.zip
cf_սڲTs.exe
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 404KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ytawnxkq
Size: 660KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

necvlspe
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载说明.txt
新云软件.url
.url
Ϸͼ1.png
.png
Ϸͼ2.png
.png

© 2018-2025

Terms | Privacy