8e7ba72e610ed1394d6c6545776d3cea10609f502248ed93a60d0c4f0e74c35f | Triage

Submit
Reports

Overview

overview

6

Static

static

8e7ba72e61...5f.dll

windows7-x64

6

8e7ba72e61...5f.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8e7ba72e610ed1394d6c6545776d3cea10609f502248ed93a60d0c4f0e74c35f.dll

Resource

win7-20221111-en

bootkit discovery persistence

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8e7ba72e610ed1394d6c6545776d3cea10609f502248ed93a60d0c4f0e74c35f.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

8e7ba72e610ed1394d6c6545776d3cea10609f502248ed93a60d0c4f0e74c35f
Size

64KB
MD5

355c680b5461168626df519d9bfa0646
SHA1

29610c79a6adeaa845b6e60d470b5c7c9824684d
SHA256

8e7ba72e610ed1394d6c6545776d3cea10609f502248ed93a60d0c4f0e74c35f
SHA512

8170c10f77d029d453b875d8bc771229f2aae1c4c72e39b2c431044688ff37b265c1a75071ff9d9bcf754b6b4d47301dad13accad545fbed3c4a1ebe6952e68c
SSDEEP

768:hWfSB2gdpYXGv3w1cZlgA3n0Ym1N8ZZiKbIIG/hH45Bclgn:hhjdpYXI3w1cZlgA3EbYbIOBl

Score

N/A

Malware Config

Signatures

Files

8e7ba72e610ed1394d6c6545776d3cea10609f502248ed93a60d0c4f0e74c35f
.dll windows x86

458bff1331382dd6c181ffd6877ebe19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventW
FindResourceExW
FindResourceW
SetLastError
HeapDestroy
GetProcessHeap
HeapFree
IsBadStringPtrA
Beep
HeapReAlloc
HeapAlloc

rpcrt4

NdrServerCall2
RpcStringFreeW
RpcServerInqBindings
RpcServerUseProtseqW
RpcAsyncCompleteCall
NdrAsyncServerCall
UuidFromStringW
RpcRevertToSelfEx

crypt32

CryptUnprotectData
CryptProtectData

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 418B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy