8a1ae75ae7693a8999ef1d89a1255c923d0cef55819585840fd6238ba6419e9d | Triage

Submit
Reports

Overview

overview

6

Static

static

8a1ae75ae7...9d.exe

windows7-x64

6

8a1ae75ae7...9d.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8a1ae75ae7693a8999ef1d89a1255c923d0cef55819585840fd6238ba6419e9d.exe

Resource

win7-20221111-en

bootkit discovery persistence

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8a1ae75ae7693a8999ef1d89a1255c923d0cef55819585840fd6238ba6419e9d.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

8a1ae75ae7693a8999ef1d89a1255c923d0cef55819585840fd6238ba6419e9d
Size

58KB
MD5

6a33a589c272c0a1a1a4c90c2064ca8f
SHA1

8d2e49ea8b6cb7d416c5a7fc1f66860108ac0bce
SHA256

8a1ae75ae7693a8999ef1d89a1255c923d0cef55819585840fd6238ba6419e9d
SHA512

1771062892f0d07c8537f50a8845f89d53daa1c334707d10973caa16afa5343d9027ad11d3f76a5644ec52c7db300d23e1d281536dbd5510f6e7f1f04b983743
SSDEEP

1536:yT8uXUU475zvRyMIMgnB0CVOUpY/obTuk8Iu22:yGF5zT5gnB0CVTFqk8Iu22

Score

N/A

Malware Config

Signatures

Files

8a1ae75ae7693a8999ef1d89a1255c923d0cef55819585840fd6238ba6419e9d
.exe windows x86

dbb268a858c1392d055274ded7894cf5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
SetFilePointer
CloseHandle
CreateFileA
GetModuleFileNameA
GetModuleHandleA
InterlockedDecrement
GetProcessHeap
HeapFree
EnumCalendarInfoExA
HeapValidate
IsValidLanguageGroup
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CompareStringA
WaitForMultipleObjects
HeapAlloc
ExitProcess

advapi32

RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegDeleteValueW
RegEnumValueA
RegOpenKeyExW

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy