File: 8a56e59fc5364a8f4d96fb79d79b6bbf

Metadata
File name:N/A
File type:PE32 executable (console) Intel 80386, for MS Windows
File size:620071
Analysis date:N/A
MD5:8a56e59fc5364a8f4d96fb79d79b6bbf
SHA1:d444e61d14425704cf92a40801d12ea457206193
SHA256:805dcc17bd5152f5b65ed49be600f72f3c858ec8cc43ce688e85a4bf5ef6fa5e
SHA512:N/A
SSDEEP:N/A
IMPHASH:N/A
Authentihash:N/A
Related resources
PE TypePE32
Internal Nameaspnet_state.exe
CommentsFlavor=Retail
File Size606 kB
Machine TypeIntel 386 or later, and compatibles
File OSWin32
Code Size20992
OS Version5.0
Entry Point0x492b
File Flags Mask0x003f
Linker Version8.0
File SubtypeN/A
Uninitialized Data SizeN/A
File Version2.0.50727.1433 (REDBITS.050727-1400)
Initialized Data Size2560
File DescriptionMicrosoft ASP.NET State Server
Product Version Number2.0.50727.1433
Product NameMicrosoft® .NET Framework
Company NameMicrosoft Corporation
MIME Typeapplication/octet-stream
Character SetUnicode
Language CodeEnglish (U.S.)
File Version Number2.0.50727.1433
File TypeWin32 EXE
Original Filenameaspnet_state.exe
Legal Copyright© Microsoft Corporation. All rights reserved.
SubsystemWindows command line
Object File TypeExecutable application
Image Version8.0
File Flags(none)
Subsystem Version4.0
Product Version2.0.50727.1433
Source:
APTNotes
Cyber threat intelligence reports associated with 8a56e59fc5364a8f4d96fb79d79b6bbf.
Loading...
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
AVGDropper.Generic_c.ALMS
AVwareTrojan.MSIL.Zapchast.!pj
Baidu-InternationalTrojan.MSIL.Zapchast.abgca
FortinetW32/Zapchast.ABGCA!tr
IkarusExploit.Win32.RpcDcom
KasperskyTrojan.MSIL.Zapchast.abgca
McAfeeArtemis!8A56E59FC536
McAfee-GW-EditionBehavesLike.Win32.Expiro.jh
PandaGeneric Suspicious
VIPRETrojan.MSIL.Zapchast.!pj
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Comments
User comments about 8a56e59fc5364a8f4d96fb79d79b6bbf.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.