985075c26c92e7a927d29fc812434a554aa28edd3736e1a85a91e1a20fb0dfca | Triage

Submit
Reports

Overview

overview

Static

static

985075c26c...ca.exe

windows7-x64

3

985075c26c...ca.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

985075c26c92e7a927d29fc812434a554aa28edd3736e1a85a91e1a20fb0dfca.exe

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

985075c26c92e7a927d29fc812434a554aa28edd3736e1a85a91e1a20fb0dfca.exe

Resource

win10v2004-20220812-en

sality backdoor evasion persistence trojan upx

windows10-2004-x64

19 signatures

150 seconds

General

Target

985075c26c92e7a927d29fc812434a554aa28edd3736e1a85a91e1a20fb0dfca
Size

226KB
MD5

4d3e4ac6e14545733c2f3b9d7cb9da09
SHA1

947b1b37a379df451e7e62953c33f53fbe595b66
SHA256

985075c26c92e7a927d29fc812434a554aa28edd3736e1a85a91e1a20fb0dfca
SHA512

22badb38cedc42929b7d89a5b1063b66174ac18d780dd621ae2c9918d84d7c5bf29e128d32f1f0dabcfe9c182f2aa835f4b8eab7f0b18c013d7f4b49045e0870
SSDEEP

3072:XRI8VWgs6D04zvlab62HgjbgpqdBRk5xXzArb90nOOTi1JahyDocXucXa:XRIvgFDpzvlau2HgkKRsXzAV0fiUca

Score

N/A

Malware Config

Signatures

Files

985075c26c92e7a927d29fc812434a554aa28edd3736e1a85a91e1a20fb0dfca
.exe windows x86

6039c26165040db47e28057ca34786ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

srand
memcmp
strcat
isdigit
isspace
memcpy
rename
memset
_EH_prolog
__CxxFrameHandler
strcmp
strncpy
strstr
strcpy
rand
abs
strlen

user32

MessageBoxA
wvsprintfA

kernel32

GetModuleHandleA
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
GetProcAddress
GetTickCount
GetStartupInfoA
GetCommandLineA
ExitProcess

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.srdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy