beb791b3ce8c7a7ea8e1a93c9545ea0a9480cccda5d2c75d156c760bd47d4975 | Triage

Submit
Reports

Overview

overview

6

Static

static

beb791b3ce...75.dll

windows7-x64

6

beb791b3ce...75.dll

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

beb791b3ce8c7a7ea8e1a93c9545ea0a9480cccda5d2c75d156c760bd47d4975.dll

Resource

win7-20221111-en

bootkit discovery persistence

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

beb791b3ce8c7a7ea8e1a93c9545ea0a9480cccda5d2c75d156c760bd47d4975.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

beb791b3ce8c7a7ea8e1a93c9545ea0a9480cccda5d2c75d156c760bd47d4975
Size

64KB
MD5

ef57b542a2c69502abb12bec1bafaa85
SHA1

a31ac5f72f0c0aafe8cf0d76aef6e891e094fe96
SHA256

beb791b3ce8c7a7ea8e1a93c9545ea0a9480cccda5d2c75d156c760bd47d4975
SHA512

be6fe409f36255dd8db961151f50132c23c2e61380d951830063a79fe331857a001c8f13e54eca54009a0949fbafed55175044c7b448ce6a96887c17803643c6
SSDEEP

768:khibTrRgFZ0P/8NJid0NnG4jY4SSLIyA1T5IlmhEXRFO9sK01wJwVCqCOwlf+cbO:khC0K/8Pid0NnG8nAjS0I1wJw8Uwwcz

Score

N/A

Malware Config

Signatures

Files

beb791b3ce8c7a7ea8e1a93c9545ea0a9480cccda5d2c75d156c760bd47d4975
.dll windows x86

cc6d21f80ed6b95081319972903039f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetLastError

ole32

CoCreateInstance

user32

FindWindowA
KillTimer
GetWindowLongA
SetWindowLongA
SetPropA
UpdateWindow
InvalidateRect
DefWindowProcA
DestroyWindow

msvcrt

strlen
sprintf
malloc
free

Exports

Exports

yemiidxg

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy