2b122e283c9b9c6c6843df418ea1aafd49feec2e98f8fa8f6af9b5d8bc43e8c6 | Triage

Submit
Reports

Overview

overview

Static

static

2b122e283c...c6.exe

windows7-x64

2b122e283c...c6.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

2b122e283c9b9c6c6843df418ea1aafd49feec2e98f8fa8f6af9b5d8bc43e8c6.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2b122e283c9b9c6c6843df418ea1aafd49feec2e98f8fa8f6af9b5d8bc43e8c6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2b122e283c9b9c6c6843df418ea1aafd49feec2e98f8fa8f6af9b5d8bc43e8c6
Size

131KB
MD5

60856a2ddd4f11b7e778f7ef510444b9
SHA1

d71cf33d65b680ddb1af78ee42a182239d1d9783
SHA256

2b122e283c9b9c6c6843df418ea1aafd49feec2e98f8fa8f6af9b5d8bc43e8c6
SHA512

dc6a28279ce4cabdbdad956ccbe423e5f1f79f6d158b5f5a4bcc6cfc297d49fbe9b34226174a4f0a6550213423f33b7cf73cdfffe8089a6f1d34f896cdbecb1b
SSDEEP

3072:wZjhLlEl7DP013fxxNJe2c1PpME61wUxDwPzgQsgd2Byc5+:e1ZI7YfH2pB61TxDaMtgWJ

Score

N/A

Malware Config

Signatures

Files

2b122e283c9b9c6c6843df418ea1aafd49feec2e98f8fa8f6af9b5d8bc43e8c6
.exe windows x86

6bf03ee05e5182a1433b2ee0f6d4ba4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetLastError
IsBadWritePtr
GetStdHandle
CreateDirectoryA
WriteFile
SetLocalTime
GetDriveTypeA
GetPriorityClass
CreatePipe
DeleteFileA
GetLocaleInfoA
GetFileAttributesA
GetCommandLineA
RemoveDirectoryA
ReadConsoleW
VirtualProtect
HeapSize
ResetEvent
GetModuleHandleA
ReleaseMutex
GetProcessHeap

user32

PeekMessageA
GetCapture
GetWindowLongW
GetCaretPos
DestroyMenu
DrawIcon
SetCursor
GetWindowTextW
SetFocus
PostMessageA
LoadCursorA
DispatchMessageA
wsprintfA

els

DllRegisterServer
DllGetClassObject
DllRegisterServer
DllGetClassObject

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy