b56a737ddb7442de35c384a29c58de59283278da2cb817288bd7c6ae7a3b0004 | Triage

Submit
Reports

Overview

overview

Static

static

b56a737ddb...04.exe

windows7-x64

b56a737ddb...04.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b56a737ddb7442de35c384a29c58de59283278da2cb817288bd7c6ae7a3b0004.exe

Resource

win7-20221111-en

sality backdoor evasion trojan upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

b56a737ddb7442de35c384a29c58de59283278da2cb817288bd7c6ae7a3b0004.exe

Resource

win10v2004-20221111-en

sality backdoor evasion trojan upx

windows10-2004-x64

13 signatures

150 seconds

General

Target

b56a737ddb7442de35c384a29c58de59283278da2cb817288bd7c6ae7a3b0004
Size

82KB
MD5

dc6caefa831061f640b8a3cba464e96b
SHA1

5318427aa94858ee6154c0a66cac71f1522da89a
SHA256

b56a737ddb7442de35c384a29c58de59283278da2cb817288bd7c6ae7a3b0004
SHA512

9be6d96f493cca5fd2aa4e7a3724b5c40426f8485ff8bc37fa4e93a4494624eda64da9254dad8f2abfd3d642b4e947d6ffbf8bcb4ebf0bf3dae5cbaabc3c24bd
SSDEEP

1536:wIAJUvSz4657Y1ofACMSSq2VeixFmJnt/R8WRXMXAu+Fg1R090:wIAJUaz5eF1w2VFInjRX4j+Fg1D

Score

N/A

Malware Config

Signatures

Files

b56a737ddb7442de35c384a29c58de59283278da2cb817288bd7c6ae7a3b0004
.exe windows x86

e4fe6bae823ade604a2e315911afef7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

SizeofResource
SetCurrentDirectoryA
CloseHandle
CreateFileA
CreateFileMappingA
CreateProcessA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindResourceA
GetCommandLineA
GetFileSize
LoadResource
MapViewOfFile
ReadFile
ReadProcessMemory
ResumeThread
RtlMoveMemory
lstrlenA
Sleep
TerminateProcess
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtectEx
WinExec
WriteProcessMemory
lstrcatA
FindClose
FindFirstFileA
FlushFileBuffers
WriteFile
GetModuleFileNameA
GetModuleHandleA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 974B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy