a18ece9474e30c0c2af0ea7540f5f10360198518cedb5ad0adda82aea3df5a0f | Triage

Submit
Reports

Overview

overview

6

Static

static

a18ece9474...0f.exe

windows7-x64

6

a18ece9474...0f.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a18ece9474e30c0c2af0ea7540f5f10360198518cedb5ad0adda82aea3df5a0f.exe

Resource

win7-20220901-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

a18ece9474e30c0c2af0ea7540f5f10360198518cedb5ad0adda82aea3df5a0f.exe

Resource

win10v2004-20220812-en

bootkit persistence

windows10-2004-x64

4 signatures

150 seconds

General

Target

a18ece9474e30c0c2af0ea7540f5f10360198518cedb5ad0adda82aea3df5a0f
Size

193KB
MD5

a1abf3b3e6b17b5f0592eebd0ae44e6e
SHA1

a0d3bd16cb3dc13422818d4c0b52184fbb9f6ed3
SHA256

a18ece9474e30c0c2af0ea7540f5f10360198518cedb5ad0adda82aea3df5a0f
SHA512

ef7760800af5f9bf161a201d945dbfb805797f68c75909968d2a73ab2bed470a321ef86b51dfcc47d561516d123232ce1b058b92a21b9e3fb7977079302e6f20
SSDEEP

3072:O3Zsni+fEerKD+o3R46COJJw3eosy/9mV4mCVsjggniiI54eo2WZtDj3qtgreveS:vC+CR46VwuosylWln8WLqufjW

Score

N/A

Malware Config

Signatures

Files

a18ece9474e30c0c2af0ea7540f5f10360198518cedb5ad0adda82aea3df5a0f
.exe windows x86

419c500edd2a11f22233549397eae962

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetCurrentDirectoryW
OpenEventW
GlobalFree
lstrcpyW
DeleteAtom
GlobalGetAtomNameW
GetTickCount
LoadLibraryExW
GetLocaleInfoW
lstrlenW
CancelIo
GetLongPathNameW

shlwapi

UrlIsW
PathIsDirectoryW
StrIsIntlEqualW

user32

GetSubMenu
GetMessageA
ArrangeIconicWindows
TrackPopupMenu
MonitorFromPoint
wsprintfA
LoadStringA
GetIconInfo
DefFrameProcA
CreateDialogParamW
GetForegroundWindow
GetScrollRange
BringWindowToTop

gdi32

CombineRgn
SetLayout
GetTextFaceW
ResizePalette
CreateCompatibleDC
SetStretchBltMode
RestoreDC

Exports

Exports

?mogJeCxgR@@YGDDI@Z
?qEwYtgbvm@@YG_NDPAD@Z

Sections

.itext
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy