ded8a3c826f41a7b1051ea85f4896ba2034f215e21b96dde672f2b9b3ba9b291 | Triage

Submit
Reports

Overview

overview

Static

static

ded8a3c826...91.exe

windows7-x64

ded8a3c826...91.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ded8a3c826f41a7b1051ea85f4896ba2034f215e21b96dde672f2b9b3ba9b291.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ded8a3c826f41a7b1051ea85f4896ba2034f215e21b96dde672f2b9b3ba9b291.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

ded8a3c826f41a7b1051ea85f4896ba2034f215e21b96dde672f2b9b3ba9b291
Size

120KB
MD5

631ef8ecadc60f60b3f1b063d82061f0
SHA1

e1dae1fc9b064a1572ec632bd29f4d47e9811772
SHA256

ded8a3c826f41a7b1051ea85f4896ba2034f215e21b96dde672f2b9b3ba9b291
SHA512

a049daad245a93f00710f0553b39f282200881227e2c4c1418e241ce991a439fe3128abb907a62e4bb56048a08420d565aa646a81a427de700a141f8b08f0027
SSDEEP

3072:d6Uh0auMn7w5SYFVpNvHqahdwHwAB2DRiryKU:dzuM0vNvRh2H7giry

Score

N/A

Malware Config

Signatures

Files

ded8a3c826f41a7b1051ea85f4896ba2034f215e21b96dde672f2b9b3ba9b291
.exe windows x86

bdd359a50017dd17d21ee5e0ec89812f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
CreatePipe
SuspendThread
IsBadReadPtr
GetStdHandle
WriteFile
GetProcessHeap
GlobalSize
GetCommandLineA
ResumeThread
CreateDirectoryA
DeleteFileA
HeapSize
ReadConsoleW
GetLocaleInfoA
GetPriorityClass
VirtualProtect
ResumeThread
GetFileAttributesA
GetDriveTypeA
SetLocalTime

user32

GetWindowLongW
GetMessageW
DispatchMessageA
DrawIcon
GetWindowTextW
GetCaretPos
DestroyMenu
GetCapture
SetFocus
SetCursor
PeekMessageA
LoadCursorA
wsprintfA

els

DllRegisterServer
DllRegisterServer
DllGetClassObject
DllGetClassObject

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy