a49732a93db9f4767f8efa528a287c49fd3e6d8bd2a6eecbd64202de9dcd1253 | Triage

Submit
Reports

Overview

overview

Static

static

a49732a93d...53.exe

windows7-x64

a49732a93d...53.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a49732a93db9f4767f8efa528a287c49fd3e6d8bd2a6eecbd64202de9dcd1253.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

a49732a93db9f4767f8efa528a287c49fd3e6d8bd2a6eecbd64202de9dcd1253.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

a49732a93db9f4767f8efa528a287c49fd3e6d8bd2a6eecbd64202de9dcd1253
Size

132KB
MD5

74b58df153a6d5ab772bf23641b60ff0
SHA1

56cc4e1d060232277d1a4cc4b1f0c73d4e4d0503
SHA256

a49732a93db9f4767f8efa528a287c49fd3e6d8bd2a6eecbd64202de9dcd1253
SHA512

d8b56c329ad3740881df1677aee7b40a73be1a76bda65111af9057b6c056404d57a0e7b50b15f4d80007567fdccd6609ca7171e0b8938eb22c6d92051a5e2bbb
SSDEEP

3072:bbZukDa5WlZTEJcHA3brz3X9oN70TsoaNDclSN6KIW:kkDe+1ALrz3X9S0TsoaN7UW

Score

N/A

Malware Config

Signatures

Files

a49732a93db9f4767f8efa528a287c49fd3e6d8bd2a6eecbd64202de9dcd1253
.exe windows x86

c57e6d44af29acc6d3fc5f255e4bc94a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalLock
CreateEventW
CloseHandle
GetPrivateProfileIntW
GetStringTypeA
GetDriveTypeA
DeviceIoControl
HeapDestroy
FindVolumeClose
GetCurrentThread
VirtualProtectEx
lstrlenA
GetPrivateProfileSectionA
LoadLibraryA
HeapFree
GetCurrentProcess
DeleteFileA
OpenMutexA
GetStdHandle
DeviceIoControl
GetFileAttributesA

uxtheme

GetWindowTheme
GetThemeTextExtent
GetThemeSysSize
DrawThemeEdge
IsThemeActive
DrawThemeBackground
OpenThemeData
GetThemeBool
SetWindowTheme
GetThemeColor
CloseThemeData
CloseThemeData
GetThemeTextMetrics

odbccp32

SQLInstallODBC
SQLConfigDataSource
SQLGetAvailableDrivers
SQLInstallDriver

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy