b85f83f4584ade2115c65a057530af21152b0680c68ae64696a3b93548a67c68 | Triage

Submit
Reports

Overview

overview

6

Static

static

b85f83f458...68.dll

windows7-x64

6

b85f83f458...68.dll

windows10-2004-x64

6

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b85f83f4584ade2115c65a057530af21152b0680c68ae64696a3b93548a67c68.dll

Resource

win7-20220901-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

b85f83f4584ade2115c65a057530af21152b0680c68ae64696a3b93548a67c68.dll

Resource

win10v2004-20221111-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

b85f83f4584ade2115c65a057530af21152b0680c68ae64696a3b93548a67c68
Size

6KB
MD5

424b73a8a976e5ecc8a05fd6ed982668
SHA1

914d5904c81309b4c9939c5c31f7b74f673d921a
SHA256

b85f83f4584ade2115c65a057530af21152b0680c68ae64696a3b93548a67c68
SHA512

2c8493db54108d8d17bf2205afcb3709a36630574e43033426767bbedc41a4b35f9cf06020f2b698a1ba77e9ccd027f1d6322774cd6bdf2ed181bc71f932a7b2
SSDEEP

192:VCDwD7/phbW3A5WTAyLILw2qQIVZBR4zy:VN/phbPKAyLIdT6Zw

Score

N/A

Malware Config

Signatures

Files

b85f83f4584ade2115c65a057530af21152b0680c68ae64696a3b93548a67c68
.dll windows x86

6856a013f9f0eb5e30a171723bb2f97d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteFileA
DeviceIoControl
ExitThread
FreeLibrary
GetComputerNameA
GetCurrentProcessId
GetDriveTypeA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetVolumeInformationA
GetWindowsDirectoryA
LoadLibraryA
Sleep
VirtualAlloc
VirtualProtect

user32

CallWindowProcA
CreateWindowExA
DestroyWindow
EnumChildWindows
FindWindowA
GetDlgItem
GetDlgItemTextA
GetParent
GetWindowTextA
RegisterWindowMessageA
SendMessageA
SetWinEventHook
SetWindowLongA
UnhookWinEvent

advapi32

GetCurrentHwProfileA
GetUserNameA

ws2_32

gethostbyname
gethostname

wininet

HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetGetConnectedState
InternetOpenA

Sections

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy