ea604d8ff4be512a81f97b54ba91c8560f2cc2120bed0f6ef7fef0f5ed3ce5e8 | Triage

Submit
Reports

Overview

overview

Static

static

ea604d8ff4...e8.exe

windows7-x64

ea604d8ff4...e8.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ea604d8ff4be512a81f97b54ba91c8560f2cc2120bed0f6ef7fef0f5ed3ce5e8.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ea604d8ff4be512a81f97b54ba91c8560f2cc2120bed0f6ef7fef0f5ed3ce5e8.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ea604d8ff4be512a81f97b54ba91c8560f2cc2120bed0f6ef7fef0f5ed3ce5e8
Size

119KB
MD5

68a8615dc0e2db90643c4755750916a9
SHA1

1ce0be0c5c52b14b8054c12dbbe0eda9fcfd59b4
SHA256

ea604d8ff4be512a81f97b54ba91c8560f2cc2120bed0f6ef7fef0f5ed3ce5e8
SHA512

7cf1e75e7b529d398bcac480355df2f7f77fdb79b5278fd04c950b94d65876336c6d996fedbea23aadbc403da18bd5d5f0df81ea14d6527605c783eeaccbb49e
SSDEEP

3072:zMLzz2M1m428Vh0Q7K6UIbiGLRljJoxzbt:ALzz91m45VP2f8LFU

Score

N/A

Malware Config

Signatures

Files

ea604d8ff4be512a81f97b54ba91c8560f2cc2120bed0f6ef7fef0f5ed3ce5e8
.exe windows x86

704573eb999b8886393e8cbc03b2359b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
VirtualProtect
GetProcessHeap
GetModuleHandleA
HeapDestroy
CopyFileA
WriteConsoleW
DeleteFileA
GetPriorityClass
GetCommandLineA
VirtualQueryEx
GetFileAttributesW
lstrlenW
GetStdHandle
CreatePipe
SetEvent
WriteConsoleW
DisconnectNamedPipe
ResumeThread
WriteConsoleW
lstrcpyA

mmcndmgr

DllCanUnloadNow
DllRegisterServer
DllGetClassObject
DllRegisterServer

cryptui

WizardFree
CryptUIDlgViewContext
CryptUIWizBuildCTL
WizardFree
DllRegisterServer
LocalEnrollNoDS
CryptUIWizDigitalSign
CryptUIWizExport
LocalEnroll
LocalEnroll
CryptUIStartCertMgr
CryptUIWizImport
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 1024B - Virtual size: 769B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy