f358d2e8060a8b0a40419af123072bc93bac47770ed899cb9894d98b61006f55 | Triage

Submit
Reports

Overview

overview

Static

static

f358d2e806...55.exe

windows7-x64

f358d2e806...55.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

f358d2e8060a8b0a40419af123072bc93bac47770ed899cb9894d98b61006f55.exe

Resource

win7-20220812-en

sality backdoor evasion trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

f358d2e8060a8b0a40419af123072bc93bac47770ed899cb9894d98b61006f55.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

f358d2e8060a8b0a40419af123072bc93bac47770ed899cb9894d98b61006f55
Size

108KB
MD5

9ccf74a26a0800ec00f732b08cd22658
SHA1

2a29310ae692aa73a6b246cb61ccb7a2eb892c8d
SHA256

f358d2e8060a8b0a40419af123072bc93bac47770ed899cb9894d98b61006f55
SHA512

a0bf2a1ee811f787bcec2c7a3cf2ccce586fd284705d4eb92fa2810bb2a8726c36afd1ac91bb170bbc6f3edd5f4b1a254da88ddb5dd37e53ba9c08b19127c77b
SSDEEP

3072:Ilfln5Ih1kAUROZ3yzOBcYE/onpmJra5RNL:W5IoxRa3nNE/OQyNL

Score

N/A

Malware Config

Signatures

Files

f358d2e8060a8b0a40419af123072bc93bac47770ed899cb9894d98b61006f55
.exe windows x86

d8fc1a3614d526e7111f36ddb837bb41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
_wtoi
_vsnwprintf

kernel32

FreeLibrary
LocalFree
lstrlenA
WideCharToMultiByte
LocalAlloc
lstrlenW
GetProcAddress
FormatMessageW
GetLastError
LoadLibraryW
ActivateActCtx
CreateActCtxW
SearchPathW
GetFileAttributesW
ReleaseActCtx
DeactivateActCtx
SetErrorMode
ExitProcess
GetModuleHandleW
GetStartupInfoW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

gdi32

GetStockObject

user32

RegisterClassW
LoadStringW
CharNextW
SetClassLongW
LoadIconW
DefWindowProcW
CreateWindowExW
MessageBoxW
LoadCursorW
DestroyWindow

imagehlp

ImageDirectoryEntryToData

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy