9589cff86d713e2e8fa8f348e29e965554cd6d41157f8019cc8eb270e9b5fd51 | Triage

Submit
Reports

Overview

overview

6

Static

static

9589cff86d...51.dll

windows7-x64

6

9589cff86d...51.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9589cff86d713e2e8fa8f348e29e965554cd6d41157f8019cc8eb270e9b5fd51.dll

Resource

win7-20220901-en

bootkit discovery persistence

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

9589cff86d713e2e8fa8f348e29e965554cd6d41157f8019cc8eb270e9b5fd51.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9589cff86d713e2e8fa8f348e29e965554cd6d41157f8019cc8eb270e9b5fd51
Size

92KB
MD5

7bb06c9326ee6d1c924056515c065c87
SHA1

2e89b7506c7727336ec31b0c816578bfb68a80f3
SHA256

9589cff86d713e2e8fa8f348e29e965554cd6d41157f8019cc8eb270e9b5fd51
SHA512

8d82d5591d2aff8ece7a784779f18accdab5c78d0c164b99a90606c5c735ad32fc468dbc9ef6993a71748763c18f86a57d07667b065cd84b04670d5f40558d21
SSDEEP

1536:dUvNEsItWrOzuh7NhKlSIXqMKO5h35xAorSlbXqoHsn3rM:GvNEsSWrOzuhKlSI6ZO5hJyorSlWa0r

Score

N/A

Malware Config

Signatures

Files

9589cff86d713e2e8fa8f348e29e965554cd6d41157f8019cc8eb270e9b5fd51
.dll windows x86

7431855a45dc6f6362615bd7994faaa4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
GetUserDefaultUILanguage
GetCurrentProcessId
GetLocaleInfoW
RtlUnwind
CreateFileW
GetVersionExW
SetLastError
GetProcessHeap
HeapAlloc
GetSystemDefaultUILanguage
TerminateProcess
lstrcmpA
FindResourceW
MoveFileA
FormatMessageA
SetUnhandledExceptionFilter
GetModuleFileNameA
UnmapViewOfFile
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
GetShortPathNameA
QueryPerformanceCounter
GetLastError
LoadLibraryExW
HeapFree
UnhandledExceptionFilter
MapViewOfFile
InterlockedExchange
LoadResource
LocalFree
GetCurrentProcess
GetTempPathA
FreeLibrary
CloseHandle
SearchPathW
GetFileSize
GetFileTime
GetVersionExA
FindResourceExW
SetFileAttributesA
CompareStringA
CreateFileMappingW
CreateFileA
lstrlenA
MultiByteToWideChar
Sleep

ole32

CoInitialize
CoCreateInstance
CoUninitialize

user32

MessageBoxA
LoadStringA

advapi32

LookupAccountSidA

Exports

Exports

amwsb

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy