48e3c33e785983d5562dee87078f7cb8b01b54c63ac4332408fcf89a8432a39e | Triage

Submit
Reports

Overview

overview

7

Static

static

1

48e3c33e78...9e.exe

windows7-x64

7

48e3c33e78...9e.exe

windows10-2004-x64

6

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

48e3c33e785983d5562dee87078f7cb8b01b54c63ac4332408fcf89a8432a39e.exe

Resource

win7-20230712-en

bootkit persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

48e3c33e785983d5562dee87078f7cb8b01b54c63ac4332408fcf89a8432a39e.exe

Resource

win10v2004-20230703-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

General

Target

48e3c33e785983d5562dee87078f7cb8b01b54c63ac4332408fcf89a8432a39e
Size

6.4MB
MD5

4e5c84f68c3f9b57d39c808d714f4312
SHA1

20f8a6b79d3eab9e94236eee95dbca75c7c2ed51
SHA256

48e3c33e785983d5562dee87078f7cb8b01b54c63ac4332408fcf89a8432a39e
SHA512

05c005198552a8cc79c534d3779b722662c3351af5eb78a7c6bcc2af737975d8156870c3f90f6e67cc0db9a18e60ebd30c98b8da9aa5d4a91b0b5f404dfa42b0
SSDEEP

98304:+C3sCi/vEJfCswcvgquc6iG83Duc5Tdevw:yElCswcvJ6OSc5TdeI

Score

1^/10

Malware Config

Signatures

Files

48e3c33e785983d5562dee87078f7cb8b01b54c63ac4332408fcf89a8432a39e
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

1e:4d:d5:f7:fc:2b:a6:bc:4b:df:3a:84:69:01:62:79
Certificate

Issuer

CN=DESKTOP-163DQFM\\William

Not Before

06-04-2023 04:47

Not After

05-04-2024 10:47

Subject

CN=DESKTOP-163DQFM\\William

c1:4e:1b:19:bb:d1:08:d9:fc:d1:6c:55:bc:1f:c5:ec:e8:77:94:18
Signer

Actual PE Digest

c1:4e:1b:19:bb:d1:08:d9:fc:d1:6c:55:bc:1f:c5:ec:e8:77:94:18

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy