e31cf37762a774e883b94d7f101f4d9f9929e3e61138e2f0767e8c372ddc7b31 | Triage

Submit
Reports

Overview

overview

Static

static

e31cf37762...31.exe

windows7-x64

e31cf37762...31.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e31cf37762a774e883b94d7f101f4d9f9929e3e61138e2f0767e8c372ddc7b31.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

e31cf37762a774e883b94d7f101f4d9f9929e3e61138e2f0767e8c372ddc7b31.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

e31cf37762a774e883b94d7f101f4d9f9929e3e61138e2f0767e8c372ddc7b31
Size

288KB
MD5

73b9b3b016c69c8941dddce4d8bbe89d
SHA1

14b12685fadba4060904705052b7a5a5d902049c
SHA256

e31cf37762a774e883b94d7f101f4d9f9929e3e61138e2f0767e8c372ddc7b31
SHA512

ae9d8df51b71223e9ee71d74a1c6c9a69cdcf7f8fbdee22785f8c0ccb3bdac1ca8cec9e9de3473fc278beb7b6e55b876a53424239c0f5b344b269f3fb4bc7ecc
SSDEEP

6144:dM8I/CRf6OimShitTTB+D0NNQoub8e/yaFBCn:dMV6RfDirsB+Dm+ouIe6a

Score

N/A

Malware Config

Signatures

Files

e31cf37762a774e883b94d7f101f4d9f9929e3e61138e2f0767e8c372ddc7b31
.exe windows x86

ba65b39f6b9f2d9f5ebc2964c2f19c46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
TlsAlloc
MultiByteToWideChar
GlobalGetAtomNameW
GetCPInfo
GetDateFormatA
WriteConsoleA
GetACP
TlsSetValue
SetFilePointer
GetOEMCP
EnumResourceTypesW
VirtualAlloc
GetLocaleInfoA
HeapReAlloc
IsValidCodePage
GetTimeFormatA
SetUserGeoID
RtlUnwind
HeapSize
SetStdHandle
GetConsoleOutputCP
RaiseException

rpcrt4

RpcStringFreeA

shell32

SHGetUnreadMailCountW
SHGetFileInfoA
SHGetPathFromIDListA
DragAcceptFiles
ShellExecuteExA
SHBrowseForFolderA
Shell_NotifyIconA

user32

CharNextA
DispatchMessageW
DispatchMessageA
MessageBoxA
PeekMessageA
GetDesktopWindow
LoadStringA
wsprintfA

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy