167296f596acfc3636c93f975b5abb3395c5f5e760bc29d2535527642f4d40fa | Triage

Submit
Reports

Overview

overview

Static

static

167296f596...fa.exe

windows7-x64

167296f596...fa.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

167296f596acfc3636c93f975b5abb3395c5f5e760bc29d2535527642f4d40fa.exe

Resource

win7-20220812-en

sality backdoor evasion persistence trojan upx

windows7-x64

24 signatures

150 seconds

Behavioral task

behavioral2

Sample

167296f596acfc3636c93f975b5abb3395c5f5e760bc29d2535527642f4d40fa.exe

Resource

win10v2004-20220812-en

sality backdoor evasion persistence trojan upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

167296f596acfc3636c93f975b5abb3395c5f5e760bc29d2535527642f4d40fa
Size

151KB
MD5

67e09eeb484866593e098c5423c8d549
SHA1

68477cbbbf1017a453dc670d4d107faf94476b62
SHA256

167296f596acfc3636c93f975b5abb3395c5f5e760bc29d2535527642f4d40fa
SHA512

80fa1ebf96f44bee7db557790377d88e053cb3c11e6e3444784d2374082b1473cb50acddb561cdcfc019cc320fb181540ffa5fc05d7ad23a1f806ffaf87b0635
SSDEEP

3072:6zII+9KM6idY1zwLv4IW+KZA1wX4WWHllmLZmn7EXd7vkN:El1zjksNUlmL2EXdzO

Score

N/A

Malware Config

Signatures

Files

167296f596acfc3636c93f975b5abb3395c5f5e760bc29d2535527642f4d40fa
.exe windows x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 27KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy