f550bce80c6a1d1c504ade623b036cef3dbfcd6e7924a817cd1d6eb975c9ad03 | Triage

Submit
Reports

Overview

overview

Static

static

f550bce80c...03.exe

windows7-x64

f550bce80c...03.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

f550bce80c6a1d1c504ade623b036cef3dbfcd6e7924a817cd1d6eb975c9ad03.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

f550bce80c6a1d1c504ade623b036cef3dbfcd6e7924a817cd1d6eb975c9ad03.exe

Resource

win10v2004-20220812-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

f550bce80c6a1d1c504ade623b036cef3dbfcd6e7924a817cd1d6eb975c9ad03
Size

113KB
MD5

574621df362ef9fbba8174883ad94e20
SHA1

d99a68ec295a81ec93d85d7da6fa09b51441ea7e
SHA256

f550bce80c6a1d1c504ade623b036cef3dbfcd6e7924a817cd1d6eb975c9ad03
SHA512

5c21c27e59a6cf3d5bb47d2ceab658e225d0a39a2630baca70351169a1d4ffd751d5531200556d9f65ea58b4dd0009a77c91c5b69b26788773cd38d8a731242c
SSDEEP

3072:Hd0GGjmcH59l3Gpk6qgiqi+FSKtTSUDfNh:9dGjm2Gpk+ijQTBJ

Score

N/A

Malware Config

Signatures

Files

f550bce80c6a1d1c504ade623b036cef3dbfcd6e7924a817cd1d6eb975c9ad03
.exe windows x86

5b2e1083043b833a08220b09d139e569

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenThread
ReleaseMutex
GetConsoleTitleW
SetLastError
WaitForMultipleObjects
GetStartupInfoW
FindClose
RemoveDirectoryW
Sleep
HeapSize
GetCurrentDirectoryA
ExitProcess
GetTickCount
GetLocalTime
HeapCreate
CreateMutexW
GetEnvironmentVariableA
DeleteFileA
CloseHandle
GetStdHandle
GetTickCount
GetModuleHandleA
WaitForSingleObject
CreateFileA
GetFileAttributesA

user32

FindWindowW
FillRect
PeekMessageA
GetDC
GetWindowLongA
CallWindowProcW
GetSysColor
MessageBoxA
DispatchMessageW
GetDC
GetDC
DispatchMessageW
GetClassInfoA

vbajet32

VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy