f944f8a4078ab93ab15a6ded561bb234f6246b9f8fd916f2b486040779e99626 | Triage

Submit
Reports

Overview

overview

7

Static

static

f944f8a407...26.exe

windows7-x64

7

f944f8a407...26.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f944f8a4078ab93ab15a6ded561bb234f6246b9f8fd916f2b486040779e99626.exe

Resource

win7-20220901-en

bootkit evasion persistence trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

f944f8a4078ab93ab15a6ded561bb234f6246b9f8fd916f2b486040779e99626.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

f944f8a4078ab93ab15a6ded561bb234f6246b9f8fd916f2b486040779e99626
Size

959KB
MD5

57bae99b05732b8dd176d4080e69c492
SHA1

b7538e88bdf93402cc974a9a6be04ae62384b238
SHA256

f944f8a4078ab93ab15a6ded561bb234f6246b9f8fd916f2b486040779e99626
SHA512

77bb436203c5725a99af194eb617964d5b515e0abfb1008f8d66b9b15e99afc66831bef434535b8ddebd9bc963fc2f23443efee905c8c857ba8b3b12c8fe1e9e
SSDEEP

12288:FikuBd3JlMu08WHzYqC3+m9pJXR3rYf0EKzxki5Izu7MJp/BPA/KwGVPevqEQZPP:IRCEv3ppJZrDTbIzN1iKhXNeztdMe

Score

N/A

Malware Config

Signatures

Files

f944f8a4078ab93ab15a6ded561bb234f6246b9f8fd916f2b486040779e99626
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 33KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

crlhchro
Size: 794KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

trwyprte
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy