5d9475f200d87644807201b2fa1ad0c2b89910a3dbc0f554c5bcd5e42edd0e4f | Triage

Submit
Reports

Overview

overview

9

Static

static

5d9475f200...4f.exe

windows7-x64

9

5d9475f200...4f.exe

windows10-2004-x64

9

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5d9475f200d87644807201b2fa1ad0c2b89910a3dbc0f554c5bcd5e42edd0e4f.exe

Resource

win7-20220812-en

bootkit evasion persistence trojan

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

5d9475f200d87644807201b2fa1ad0c2b89910a3dbc0f554c5bcd5e42edd0e4f.exe

Resource

win10v2004-20221111-en

bootkit evasion persistence trojan

windows10-2004-x64

14 signatures

150 seconds

General

Target

5d9475f200d87644807201b2fa1ad0c2b89910a3dbc0f554c5bcd5e42edd0e4f
Size

2.4MB
MD5

45f0b778219afd9f172db65c520487bc
SHA1

1bee4a666834115ce3101a41b161848737072281
SHA256

5d9475f200d87644807201b2fa1ad0c2b89910a3dbc0f554c5bcd5e42edd0e4f
SHA512

5f2a535de189cf6bf3552e188f76d1f40af6b3f2d07c2728ae178bf9c3e53b173aba724450e38fb11f167714484bf51abc32a6164dd834f9c807b9a1ed7e641a
SSDEEP

49152:JxXvp6MGe3cmrWH2fQJSYkMaK7EGNpwythYQ1fTgpUOeAa571aDScT8MKVnfqd4k:JxXhDGe31rgFJSFli9P1fTguOeA+7m5Z

Score

N/A

Malware Config

Signatures

Files

5d9475f200d87644807201b2fa1ad0c2b89910a3dbc0f554c5bcd5e42edd0e4f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

LANP
Size: 256KB - Virtual size: 537KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

LANP
Size: 244KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

LANP
Size: 24KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LANP
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

LANP
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

LANP
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LANP
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LANP
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

LANP
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LANP
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy