8c6f67735397e390fd0979ad12a69eab4ca5dba800f538df6e9848ec38e923ae | Triage

Submit
Reports

Overview

overview

6

Static

static

8c6f677353...ae.exe

windows7-x64

6

8c6f677353...ae.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8c6f67735397e390fd0979ad12a69eab4ca5dba800f538df6e9848ec38e923ae.exe

Resource

win7-20221111-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

8c6f67735397e390fd0979ad12a69eab4ca5dba800f538df6e9848ec38e923ae.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

8c6f67735397e390fd0979ad12a69eab4ca5dba800f538df6e9848ec38e923ae
Size

193KB
MD5

3ce70cb29e1f2f6f1f03954a98d7393c
SHA1

d061f9a40a8ba5af6c25c57725b44b41fda81a10
SHA256

8c6f67735397e390fd0979ad12a69eab4ca5dba800f538df6e9848ec38e923ae
SHA512

12d6cfa7dc0589ce3c0a06842e7e9db79f9c1f6d0a898dc9ffc8d5826becba8b915b88f7e979581fa5d5cbd14113e1450818f4851f39f6d17d70d49d4397b659
SSDEEP

6144:eEBTH0kOpERIDJMjF8f+glI1N71nKk8s:eY70kOpEMU6i1Kh

Score

N/A

Malware Config

Signatures

Files

8c6f67735397e390fd0979ad12a69eab4ca5dba800f538df6e9848ec38e923ae
.exe windows x86

5b7b12ebdddf47e41509589e0631d1fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathGetArgsW
ChrCmpIW
StrCmpW

msvcrt

strcoll
fgets
wcscmp
isalpha
vswprintf
iswspace
free

kernel32

GetTickCount
lstrcmpiA
OpenEventW
lstrlenA
GetComputerNameW
VirtualProtect
GetFileSize

gdi32

PtVisible
SetAbortProc
PatBlt
EnumFontFamiliesExW
CreateRectRgn

user32

SendNotifyMessageW
GetKeyState
mouse_event
GetClassNameW
CharPrevA
GetParent
GetCaretBlinkTime
SetWindowTextW
GetForegroundWindow
MapWindowPoints
GetActiveWindow
MapVirtualKeyExA

Exports

Exports

?xynubseiYW@@YGPAXPA_N@Z
?bEvXzlqvB@@YGXPAI@Z
?kzkjjxgfosu@@YGMHJ@Z
?kzqGbqlPojzpj@@YGXIPAF@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 154KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy