6dd84d99bb881df8d418d1257afc0b8b38013cefa35f6661c8fa3427a982527c | Triage

Submit
Reports

Overview

overview

Static

static

6dd84d99bb...7c.exe

windows7-x64

6dd84d99bb...7c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6dd84d99bb881df8d418d1257afc0b8b38013cefa35f6661c8fa3427a982527c.exe

Resource

win7-20220812-en

sality backdoor evasion trojan upx

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

6dd84d99bb881df8d418d1257afc0b8b38013cefa35f6661c8fa3427a982527c.exe

Resource

win10v2004-20220901-en

sality backdoor evasion upx

windows10-2004-x64

8 signatures

150 seconds

General

Target

6dd84d99bb881df8d418d1257afc0b8b38013cefa35f6661c8fa3427a982527c
Size

180KB
MD5

807266d321e97eff7ce637303eceb496
SHA1

aad4b02c3f2c8f4407bcb7fd65924ad806558b4f
SHA256

6dd84d99bb881df8d418d1257afc0b8b38013cefa35f6661c8fa3427a982527c
SHA512

deb48468ee94a1b5d4376b50355ac9f0282bc1d41dcc516e598c16d73283b558bd8490a791eb62e07091291379119eed9f4aadecd59c22765ddd935da09636e3
SSDEEP

3072:GU+kVLDywJ+rzlkoOYFDQmqmI5ZR5Lpi6LGvHVztCs0Nb4K:GU+g+DlBxFDo5VJy/VhCs0h4K

Score

N/A

Malware Config

Signatures

Files

6dd84d99bb881df8d418d1257afc0b8b38013cefa35f6661c8fa3427a982527c
.exe windows x86

49f35925837a83ed7a8aeb2df54bc501

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
HeapDestroy
HeapCreate
DeviceIoControl
GetCommandLineA
GetDriveTypeA
TlsAlloc
IsBadStringPtrW
DeleteFileA
Sleep
CloseHandle
CloseHandle
GetStartupInfoA
ReleaseMutex
CreateFileMappingW
PulseEvent
IsDebuggerPresent
GetModuleFileNameW
GetModuleHandleA
lstrlenA

user32

LoadImageA
GetIconInfo
IsZoomed
GetWindowLongA
FindWindowW
DestroyMenu
DispatchMessageA
DispatchMessageA
PeekMessageA
DestroyWindow
DrawTextW
IsWindow
CallWindowProcW

colbact

PartitionAccessCheck
PartitionAccessCheck
PartitionAccessCheck
PartitionAccessCheck

cryptui

CryptUIDlgCertMgr

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ocvvsvo
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy