738786f46e5fea7c3783a9fe621a3da27416021c6e8fe87d9012c2c2608cadba | Triage

Submit
Reports

Overview

overview

Static

static

738786f46e...ba.exe

windows7-x64

738786f46e...ba.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

738786f46e5fea7c3783a9fe621a3da27416021c6e8fe87d9012c2c2608cadba.exe

Resource

win7-20220812-en

sality backdoor evasion trojan upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

738786f46e5fea7c3783a9fe621a3da27416021c6e8fe87d9012c2c2608cadba.exe

Resource

win10v2004-20220901-en

sality backdoor evasion trojan upx

windows10-2004-x64

14 signatures

150 seconds

General

Target

738786f46e5fea7c3783a9fe621a3da27416021c6e8fe87d9012c2c2608cadba
Size

101KB
MD5

68f1ad7bc6a481d28bd129967f19e481
SHA1

2a11d0ae99e64bd7179459b9d5916e359fe08722
SHA256

738786f46e5fea7c3783a9fe621a3da27416021c6e8fe87d9012c2c2608cadba
SHA512

a786858c777db54f7b73154a64f1b2d26f52f713ddc235f9cc98b2810b367b92e6663259c1057ad5f5ab9fd0655874b1bc099f1bee9e53d68b08e499f10ac9f5
SSDEEP

3072:kY24ot6WwcO26OnvpkPbF/NttH6MIZ1jLNaSVq:mgWwv26OhkPbF/RaZLk

Score

N/A

Malware Config

Signatures

Files

738786f46e5fea7c3783a9fe621a3da27416021c6e8fe87d9012c2c2608cadba
.exe windows x86

d71f9d3d8a10aaa946260cfd6c6a11e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassExA
UnregisterClassA

shell32

ShellExecuteA

kernel32

GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetProcAddress
LoadLibraryA
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy