5a7e52bc92be9572c834f8e69cfbb89edbd798b954c348037ff116c6bbd3315b | Triage

Submit
Reports

Overview

overview

Static

static

5a7e52bc92...5b.exe

windows7-x64

5a7e52bc92...5b.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5a7e52bc92be9572c834f8e69cfbb89edbd798b954c348037ff116c6bbd3315b.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

5a7e52bc92be9572c834f8e69cfbb89edbd798b954c348037ff116c6bbd3315b.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

5a7e52bc92be9572c834f8e69cfbb89edbd798b954c348037ff116c6bbd3315b
Size

114KB
MD5

4b1601b1061d50814657de774a88abc0
SHA1

ed8afeb0988d33f7c2371b11033a89c31121d521
SHA256

5a7e52bc92be9572c834f8e69cfbb89edbd798b954c348037ff116c6bbd3315b
SHA512

1e9c9a4cd9d8baa62bdc24fce5d6a3e5f2abb52edbf74d3a0db034c9a6f7447b5aaf073cf223cea21d2c32b92f7a7499c840fcf3e7f3ada4a3b95c677858e886
SSDEEP

3072:zGPO6ZSo4e1Y5Dgxp1nAt4wuRdPf8zRrU6JCS4Ks62aw1vDUEN7:3l5Dcp1AbUdPf8zRrnJjwZn7

Score

N/A

Malware Config

Signatures

Files

5a7e52bc92be9572c834f8e69cfbb89edbd798b954c348037ff116c6bbd3315b
.exe windows x86

bf3861a9af45b451de1c5f21a78303eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindResourceA
GetModuleHandleA
ReadFile
FormatMessageA
WriteConsoleW
GetCurrentDirectoryA
IsBadStringPtrA
IsValidLocale
WriteConsoleW
lstrcpyW
GetFileSize
CloseHandle
SetPriorityClass
GetLastError
GetFileAttributesA
WriteConsoleW
GetStartupInfoA
HeapCreate
GetFileTime
lstrlenW
ReleaseMutex

msftedit

RichListBoxWndProc
SetCustomTextOutHandlerEx
RichEditWndProc
RichComboBoxWndProc

clbcatq

CheckMemoryGates
SetSetupSave
ComPlusMigrate
DllGetClassObject
DllGetClassObject
SetupOpen
CheckMemoryGates
SetupOpen
ComPlusMigrate
SetSetupSave
ComPlusMigrate
SetupOpen
CheckMemoryGates

dsprop

CheckADsError

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 1024B - Virtual size: 49B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy