e716f02ea2f260c002ca521d97ccf5693f0c76eef776aca2283052d04774f101 | Triage

Submit
Reports

Overview

overview

6

Static

static

e716f02ea2...01.exe

windows7-x64

6

e716f02ea2...01.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e716f02ea2f260c002ca521d97ccf5693f0c76eef776aca2283052d04774f101.exe

Resource

win7-20220812-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

e716f02ea2f260c002ca521d97ccf5693f0c76eef776aca2283052d04774f101.exe

Resource

win10v2004-20220901-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

e716f02ea2f260c002ca521d97ccf5693f0c76eef776aca2283052d04774f101
Size

176KB
MD5

115d57a4a74af61f84b08a9b2e074ae9
SHA1

71c940cfd0fbf14eef5ea2cfadb01f7231cd4e6c
SHA256

e716f02ea2f260c002ca521d97ccf5693f0c76eef776aca2283052d04774f101
SHA512

c5993598157d2c73cfda618abc99441aa6fa80b8ea7615eddc74e90072e27d8b72b7b69597533e42135db3e6a04bb412435f1b83c72f1d7bcd42e257e37da6d5
SSDEEP

3072:hhohiNDxU+4YDaFFK3xdo8liCDm5jBF+PgKAJ0eyLvdD++SHo49jpnBZX3eOTNi:o4dLeGdmB8PRAJFy5hYnFrHeuN

Score

N/A

Malware Config

Signatures

Files

e716f02ea2f260c002ca521d97ccf5693f0c76eef776aca2283052d04774f101
.exe windows x86

f1cde5db6c22babdd4568c8cdf0c7d87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

TranslateCharsetInfo
GetObjectA
PatBlt
SetBkColor
Polygon

msvcrt

isalnum
wcscspn
fseek
getc
floor
mbtowc
toupper

user32

DestroyMenu
SetPropW
IsCharAlphaNumericW
GetAsyncKeyState
WaitForInputIdle
GetDlgItemTextW
LoadMenuW
SetFocus
GetCursorPos
ChangeMenuW
GetDC
ShowCursor
GetWindowTextW

shlwapi

PathMakePrettyW
PathCommonPrefixW
StrCmpNIA

kernel32

FormatMessageA
SetHandleCount
SetWaitableTimer
lstrcpyW
DeleteCriticalSection
SetFileApisToOEM

Exports

Exports

?rXExjexhfacdvfH@@YGEPAHJ@Z
?thrizcelfnzrbnz@@YGMPAH@Z
?YUmklyCB@@YGKPAE@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 143KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy