6ef4564780115f14ec6baafa0b8ab78ee26f309927aa00e77fe8bdfbf74a2129 | Triage

Submit
Reports

Overview

overview

Static

static

6ef4564780...29.exe

windows7-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6ef4564780115f14ec6baafa0b8ab78ee26f309927aa00e77fe8bdfbf74a2129.exe

Resource

win7-20221111-en

sality backdoor evasion trojan upx

windows7-x64

13 signatures

150 seconds

General

Target

6ef4564780115f14ec6baafa0b8ab78ee26f309927aa00e77fe8bdfbf74a2129
Size

323KB
MD5

7a2be33885bc6cd17c133d59da7aa35f
SHA1

b37482d6b1731aae21c39ef5159c9337b6d9a8cb
SHA256

6ef4564780115f14ec6baafa0b8ab78ee26f309927aa00e77fe8bdfbf74a2129
SHA512

53975f57e911e9588ff9eae51da85ca516adaf4b3a263ca9b0b2ef85af55c32935c1c3006566fc8e1e7e78c328f1a0884900117c6fa59dd336e4b1e0745bce66
SSDEEP

3072:kmFOQqEmA0H1AmbDzthd/UVEgX9wq/eXc3CT8ZqKRtR3nXraVuDnoN7wAzmTXT5h:kc5wAgbntPsWq/+6NDnGSTXx/3yEIDu

Score

N/A

Malware Config

Signatures

Files

6ef4564780115f14ec6baafa0b8ab78ee26f309927aa00e77fe8bdfbf74a2129
.exe windows x86

e2bb0ab07f6209d9c1bc999178d50cd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
CreateDirectoryA
EnumCalendarInfoA
FormatMessageA
GetCommandLineW
GetDiskFreeSpaceA
GetExitCodeProcess
GetFileSize
GetFileType
GetLocaleInfoW
GetTimeZoneInformation
GlobalUnlock
HeapCreate
LocalFree
ReleaseMutex
RemoveDirectoryA
ResetEvent
VirtualAlloc
lstrcatA

user32

CallWindowProcA
GetWindowTextA
LoadCursorA
LoadStringA
MapWindowPoints
MessageBoxA
SendMessageA

gdi32

CreateCompatibleBitmap
SelectObject

shell32

DoEnvironmentSubstW
SHGetSpecialFolderPathW
Shell_NotifyIconW

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_DragEnter
ImageList_EndDrag
ImageList_LoadImageA
ImageList_LoadImageW
InitializeFlatSB
PropertySheetA

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy