3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44 | Triage

Submit
Reports

Overview

overview

Static

static

3d2d29d23a...44.exe

windows7-x64

3d2d29d23a...44.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44
Size

120KB
MD5

661bbc899325a3f9a01cffae1db53330
SHA1

8c33491ca94ce064eed9751b0a72659dd906df4d
SHA256

3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44
SHA512

4baed49dd57ad118c235a968d12a9d88d7f08251c7df34729cbfc4522dd5e938044eb8f6f243f40e2f3ee1f9a6aa35f8ac5540bbb6506b4288008179bcd4455e
SSDEEP

3072:pST2it+zNlzCaVjZwQre7mJBLaHL7vfeIPUjEIvqgzmng:p8rczrCaHZri4BLEWUIvAn

Score

N/A

Malware Config

Signatures

Files

3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44
.exe windows x86

358f6510a15c7f475faa939f4e43d50b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleW
GetFileAttributesA
CreatePipe
CloseHandle
HeapCreate
GetLastError
WriteConsoleW
ReleaseMutex
ClearCommBreak
GetPriorityClass
GetCurrentDirectoryA
lstrlenW
IsDebuggerPresent
WriteConsoleW
GetStdHandle
GetStartupInfoA
DisconnectNamedPipe
lstrcpyW
GetModuleHandleA
SetEvent
CopyFileW

msftedit

RichEditWndProc
RichComboBoxWndProc
SetCustomTextOutHandlerEx
RichListBoxWndProc

shell32

SHGetMalloc
DllUnregisterServer
SHFree
DragAcceptFiles
DragFinish
ExtractIconA
SHGetDiskFreeSpaceA
SHGetSettings
ShellMessageBoxA
DragQueryFileA
ShellAboutA
StrChrA
DuplicateIcon

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy