0d517884a798d6a1f9023ea4440d47f037d1accfdfcef712e38acd4f40c4d827 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

0d517884a7...27.exe

windows7-x64

6

0d517884a7...27.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0d517884a798d6a1f9023ea4440d47f037d1accfdfcef712e38acd4f40c4d827.exe

Resource

win7-20230220-en

bootkit persistence

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

0d517884a798d6a1f9023ea4440d47f037d1accfdfcef712e38acd4f40c4d827.exe

Resource

win10v2004-20230220-en

bootkit persistence

windows10-2004-x64

2 signatures

150 seconds

General

Target

0d517884a798d6a1f9023ea4440d47f037d1accfdfcef712e38acd4f40c4d827
Size

1.2MB
MD5

9396b3d093a7919b8634db6ea5b65a6f
SHA1

648d4b58f589aa10bf3068222a8659a9d4b79f97
SHA256

0d517884a798d6a1f9023ea4440d47f037d1accfdfcef712e38acd4f40c4d827
SHA512

c3cf3974469d7b488aad4280379ed4e80f7e63312d31649d5dc2fb33f504878ad7a8871810ab223f834e1c80b022e26962920c2bf30db5488a83fe8363f810b6
SSDEEP

24576:WoSR8MEx0TMNeti6fcUTHpsNtCEUj7DXwxoDWpZOXtbSuf/y78QBG:Wb8B0YNGNLpAUrj77wKDWktbtfKAQBG

Score

1^/10

Malware Config

Signatures

Files

0d517884a798d6a1f9023ea4440d47f037d1accfdfcef712e38acd4f40c4d827
.exe windows x86

b9c4fbe9894bc23a848d46b1faf90e11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetWindowsHookExA

gdi32

SetTextColor

comdlg32

GetOpenFileNameA

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyA

shell32

DragFinish

comctl32

ImageList_AddMasked

oledlg

ord8

ole32

CoTaskMemFree

olepro32

ord253

oleaut32

SysAllocStringLen

odbc32

ord10

wsock32

WSASetLastError

wininet

InternetGetLastResponseInfoA

imm32

ImmAssociateContext

Sections

.text
Size: 1.2MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy