7251166a512fdd861667d66c2188ee3644d0777fd4d382513b4c5ef2d5257942 | Triage

Submit
Reports

Overview

overview

Static

static

7251166a51...42.exe

windows7-x64

7251166a51...42.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

7251166a512fdd861667d66c2188ee3644d0777fd4d382513b4c5ef2d5257942.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

7251166a512fdd861667d66c2188ee3644d0777fd4d382513b4c5ef2d5257942.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

7251166a512fdd861667d66c2188ee3644d0777fd4d382513b4c5ef2d5257942
Size

130KB
MD5

6d637c3055229c5fa83d352646d66a54
SHA1

bf59aa9ac5252fc037b83c85321946926b3b369d
SHA256

7251166a512fdd861667d66c2188ee3644d0777fd4d382513b4c5ef2d5257942
SHA512

958b24af656cf6b50937db1cc454ddb1454b932ea599a83533ae9345b02ed0d633dd152747da7aad01d7f669cad16f95bab9433982f3b5a77bba38a57543dbc0
SSDEEP

3072:I3xLclq1NXS8u/VTJn96YRMEd0Kbkb+m+:qxzW8uJJn4XEiKxm

Score

N/A

Malware Config

Signatures

Files

7251166a512fdd861667d66c2188ee3644d0777fd4d382513b4c5ef2d5257942
.exe windows x86

7044a37344bcd99f1f2eac36d68944f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetPrivateProfileSectionA
CreateEventW
DeviceIoControl
TlsGetValue
ClearCommBreak
ResumeThread
DeviceIoControl
HeapDestroy
GetFileAttributesA
lstrlenA
SetLastError
DeleteFileA
GetDriveTypeA
GetCurrentProcess
HeapFree
OpenMutexW
GetProcessHeap
GetStringTypeA
LoadLibraryW
GetPrivateProfileIntW
VirtualProtectEx

uxtheme

SetWindowTheme
OpenThemeData
GetThemeSysSize
GetThemeColor
GetThemeBool
DrawThemeBackground
IsThemeActive
GetThemeTextMetrics
GetWindowTheme
CloseThemeData
GetThemeTextExtent
CloseThemeData
DrawThemeEdge

odbctrac

TraceSQLAllocConnect
TraceSQLBindCol
TraceSQLAllocStmt
TraceSQLAllocEnv

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy