ad6a867551afd52c8255646adfe659d06be1a227bb20c12bd506dfa06c4ac9f0 | Triage

Submit
Reports

Overview

overview

Static

static

ad6a867551...f0.exe

windows7-x64

ad6a867551...f0.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ad6a867551afd52c8255646adfe659d06be1a227bb20c12bd506dfa06c4ac9f0.exe

Resource

win7-20220812-en

sality backdoor evasion trojan upx

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad6a867551afd52c8255646adfe659d06be1a227bb20c12bd506dfa06c4ac9f0.exe

Resource

win10v2004-20220812-en

sality backdoor upx

windows10-2004-x64

2 signatures

150 seconds

General

Target

ad6a867551afd52c8255646adfe659d06be1a227bb20c12bd506dfa06c4ac9f0
Size

1.2MB
MD5

65b17315c4164736f783de9dd6bf3861
SHA1

cfe7ffee17f1a190b6424e8e733add0cc161520e
SHA256

ad6a867551afd52c8255646adfe659d06be1a227bb20c12bd506dfa06c4ac9f0
SHA512

f985ef562d9ca8cdef8ca3bfa6bde7b4ae0d44aed289db051771c39809fee73e525d90e2b9f24e093830f568b07ff6698f0fcbb6e96e4c8c54a97fd1f8bd077c
SSDEEP

24576:Kd1Br532aw6OVjczrb0qsHKOxs6SvI42uFzpe/8fcxkm0yjaxSNtFe:yBrMaw6Ohwn4s6SV2uQ8ExBOYTU

Score

N/A

Malware Config

Signatures

Files

ad6a867551afd52c8255646adfe659d06be1a227bb20c12bd506dfa06c4ac9f0
.exe windows x86

e9f5b639e3598aa283823adcbfaec314

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

version

VerQueryValueA

ws2_32

WSACancelAsyncRequest

user32

SetScrollRange

gdi32

GetPixel

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

ExtractIconA

comctl32

ImageList_Draw

shlwapi

SHRegGetUSValueA

oledlg

ord8

ole32

CoTaskMemFree

oleaut32

SafeArrayGetElement

wsock32

recvfrom

wininet

InternetOpenUrlA

imagehlp

ImageNtHeader

iphlpapi

GetBestRoute

Sections

.text
Size: 1.1MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy