lewd[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

lewd.exe

windows7-x64

lewd.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

lewd.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

lewd.exe

Resource

win10v2004-20220901-en

pony collection discovery rat spyware stealer

windows10-2004-x64

13 signatures

150 seconds

General

Target

lewd.exe
Size

196KB
MD5

5ec10cfc4b29356d1bac2391e596f15f
SHA1

e53cf85028be504c8b050f3feeaf42843b5d0660
SHA256

6eac27aa263dc000a0db6e8d39bf25c04dd0b3b3bd00d528795c5fd8083aa775
SHA512

64f33d03bc5bd448fb24077a56188625d9ef3116795febc2a021f7ff850543de8c933bc2a23b2809ddf188921a3e923bbd7c509c9c55bca17c4b1a7d80af48a8
SSDEEP

3072:LefInYoNcTYZf9Q1bhRy+XZ4z95Mt2VNyUxUrdcPoDNW:LefInYeZVobPy+XZi9ic+tx

Score

N/A

Malware Config

Signatures

Files

lewd.exe
.exe windows x86

f17ac06e60273c4d07e367f8d4c52605

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
ord598
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord100

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy