bf7064acd434b5e06eb0a0a800a57f39e7c15656a50b2bc82a10f5d61edef2ae | Triage

Submit
Reports

Overview

overview

Static

static

bf7064acd4...ae.exe

windows7-x64

bf7064acd4...ae.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

bf7064acd434b5e06eb0a0a800a57f39e7c15656a50b2bc82a10f5d61edef2ae.exe

Resource

win7-20220812-en

sality backdoor evasion trojan upx

windows7-x64

24 signatures

150 seconds

Behavioral task

behavioral2

Sample

bf7064acd434b5e06eb0a0a800a57f39e7c15656a50b2bc82a10f5d61edef2ae.exe

Resource

win10v2004-20220812-en

sality backdoor evasion trojan upx

windows10-2004-x64

21 signatures

150 seconds

General

Target

bf7064acd434b5e06eb0a0a800a57f39e7c15656a50b2bc82a10f5d61edef2ae
Size

2.2MB
MD5

c2230fa024ef058f0368c45264d0ab79
SHA1

0b3833f1a8c3365664ca45ff2dc5ad4843a25355
SHA256

bf7064acd434b5e06eb0a0a800a57f39e7c15656a50b2bc82a10f5d61edef2ae
SHA512

ec900764316d2ce1834b732b500bbf9babfa8dc53bfda2d7111996a8877d9c2ce271c5569170653c609f25b3d7c64d21c0427291e4361b6c98c321137684acae
SSDEEP

49152:TciGHo/1Z8IYObg9QqPOpcZGGt531JuQgVvchkrlXC:IiGHyr8zO89Qq1JqQeEhkc

Score

N/A

Malware Config

Signatures

Files

bf7064acd434b5e06eb0a0a800a57f39e7c15656a50b2bc82a10f5d61edef2ae
.exe windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.3MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 992KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hwhoaltv
Size: 796KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cmbiluag
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy