2318a5ae7b138d1957dc966a4120e156a0464f14523b709313d60a2e43f82e1d | Triage

Submit
Reports

Overview

overview

Static

static

2318a5ae7b...1d.exe

windows7-x64

2318a5ae7b...1d.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

2318a5ae7b138d1957dc966a4120e156a0464f14523b709313d60a2e43f82e1d.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2318a5ae7b138d1957dc966a4120e156a0464f14523b709313d60a2e43f82e1d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

2318a5ae7b138d1957dc966a4120e156a0464f14523b709313d60a2e43f82e1d
Size

133KB
MD5

7067a99c136b8d46b8e23cbfb311a560
SHA1

933a7a68d3ed8d4cc750b22115372becfdb3c976
SHA256

2318a5ae7b138d1957dc966a4120e156a0464f14523b709313d60a2e43f82e1d
SHA512

598b139797a3678d587ac6bb224ab773e604d5556e499cee75b34a967afcd9fc375d687ad56ad4c18b62e1e0692715ac19cf4e2ad1092b0bba8084fed0580649
SSDEEP

3072:mBCCFiXhS7gMm1L2RC7K6DGIIZilhR2Qvwv/DB4rFAlRZ37:BQg+Q7jGIIFksB4rO17

Score

N/A

Malware Config

Signatures

Files

2318a5ae7b138d1957dc966a4120e156a0464f14523b709313d60a2e43f82e1d
.exe windows x86

07ea3cfdd8571ef69b8ffa29ead301fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtectEx
GetPrivateProfileSectionA
GetProcessHeap
SetLastError
DeviceIoControl
GetCurrentThread
ClearCommBreak
GetDriveTypeA
lstrlenA
GetStringTypeW
GetFileAttributesA
OpenMutexW
DeviceIoControl
CreateEventW
ResumeThread
HeapDestroy
LoadLibraryW
DeleteFileA
TlsGetValue
HeapFree
GetPrivateProfileIntW

rasapi32

DwRasUninitialize
DwEnumEntryDetails
DwCloneEntry
DwRasUninitialize
RasDialA
RasDeleteEntryA
DwEnumEntryDetails
RasDeleteEntryA
DwCloneEntry
RasDialA
DwEnumEntryDetails
RasDialA
DwRasUninitialize

pdh

PdhAddCounterA
PdhCloseLog
PdhGetLogFileSize
PdhGetLogFileTypeA

Sections

.text
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy