3971d5e776d08dfe4e49e4a6606e53abd3b7d2fa3519a3d4c194638df9834c12 | Triage

Submit
Reports

Overview

overview

Static

static

3971d5e776...12.exe

windows7-x64

3971d5e776...12.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3971d5e776d08dfe4e49e4a6606e53abd3b7d2fa3519a3d4c194638df9834c12.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

3971d5e776d08dfe4e49e4a6606e53abd3b7d2fa3519a3d4c194638df9834c12.exe

Resource

win10v2004-20220812-en

pony collection discovery rat spyware stealer upx

windows10-2004-x64

13 signatures

150 seconds

General

Target

3971d5e776d08dfe4e49e4a6606e53abd3b7d2fa3519a3d4c194638df9834c12
Size

83KB
MD5

6747bf8b1f2fc11748770dcdfb12b950
SHA1

9974142036eae316fb264bc6f853d246fe730e81
SHA256

3971d5e776d08dfe4e49e4a6606e53abd3b7d2fa3519a3d4c194638df9834c12
SHA512

69abff6f8ee4ebccfb948dc7a2f798d69b4adcb1c65e7624ca7f822d764fa04c9269a07b6fc94daa220d35ff43e7489e0414086cbc41aaddbdad4132aa2ef85b
SSDEEP

1536:gJl7Om7MW9mf/1fwFqbkHm64K3cz9VhfcLqbX1aJmQYAskOnRKtzJ6MLR:mLw/1ud3cz9VNdbXIJYAskO4lJvR

Score

N/A

Malware Config

Signatures

Files

3971d5e776d08dfe4e49e4a6606e53abd3b7d2fa3519a3d4c194638df9834c12
.exe windows x86

4c377305d24021cd331717e28470b59f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

ord29

kernel32

GetTickCount

msvcrt

strlen

user32

GetAncestor
GetParent
EnableWindow
CharUpperBuffA
CharLowerBuffA
GetMessageA
DefWindowProcW
GetWindowRect
IsCharAlphaA
IsDialogMessageA
GetDesktopWindow
GetWindow
SetWindowLongW
IsChild
TranslateMessage

Exports

Exports

?geoInvert@@YGJUrevertPart@@K@Z

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.anit
Size: 512B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy