30ca8e00e8465419bd3349cd2604f9178a3b87b9d8ebc569f8f7a6c29c3e1de8 | Triage

Submit
Reports

Overview

overview

6

Static

static

30ca8e00e8...e8.exe

windows7-x64

6

30ca8e00e8...e8.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

30ca8e00e8465419bd3349cd2604f9178a3b87b9d8ebc569f8f7a6c29c3e1de8.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

30ca8e00e8465419bd3349cd2604f9178a3b87b9d8ebc569f8f7a6c29c3e1de8.exe

Resource

win10v2004-20220901-en

bootkit persistence

windows10-2004-x64

4 signatures

150 seconds

General

Target

30ca8e00e8465419bd3349cd2604f9178a3b87b9d8ebc569f8f7a6c29c3e1de8
Size

2.2MB
MD5

2126edfb58b73213ddb48bccdf14bce2
SHA1

dcf11c1bc975f14058d723e4a2fa0d4ce7992b65
SHA256

30ca8e00e8465419bd3349cd2604f9178a3b87b9d8ebc569f8f7a6c29c3e1de8
SHA512

546971c800656db47d230dd96194949c459c7ce62a8adb885ed61ead7ce69a298b8a630f7653dd70a9153f05339e8a7c0bf8faa8ed10d3aca60d43284814b1ce
SSDEEP

49152:cAkzZiE/763cfXgjHv6VC5N9iAQ/vmGB0jjHB1YYqyuBuojMgr8:Pk9n/763cfwjP6VC5GHvjB0PbLuu

Score

N/A

Malware Config

Signatures

Files

30ca8e00e8465419bd3349cd2604f9178a3b87b9d8ebc569f8f7a6c29c3e1de8
.exe windows x86

05f2bbc9811546a7ebe0c8068cc766df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut

ws2_32

send

kernel32

GetWindowsDirectoryA

user32

SetForegroundWindow

gdi32

PtVisible

winspool.drv

ClosePrinter

advapi32

RegOpenKeyA

shell32

ShellExecuteA

ole32

OleUninitialize

oleaut32

RegisterTypeLi

comctl32

ImageList_Read

wininet

InternetCanonicalizeUrlA

comdlg32

GetOpenFileNameA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 1.0MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy