9f406016ab8faa2cf00bfb37ce4a04f31c49dae80b8321d8cdec351b52a6abc0 | Triage

Submit
Reports

Overview

overview

Static

static

9f406016ab...c0.exe

windows7-x64

9f406016ab...c0.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9f406016ab8faa2cf00bfb37ce4a04f31c49dae80b8321d8cdec351b52a6abc0.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9f406016ab8faa2cf00bfb37ce4a04f31c49dae80b8321d8cdec351b52a6abc0.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

9f406016ab8faa2cf00bfb37ce4a04f31c49dae80b8321d8cdec351b52a6abc0
Size

113KB
MD5

6502ee541ed8a4a4343ad85b6f88d871
SHA1

7e8b6274d9add65805aa6ed075983737f11ed4e1
SHA256

9f406016ab8faa2cf00bfb37ce4a04f31c49dae80b8321d8cdec351b52a6abc0
SHA512

278e3dd2ee85040a94b6f8cf904cab8e2ebc1478251590684b7d089ec775f6183054aab2c6b234a7f205986e8aca5f9835e51d61586087261322dddfc334e6f1
SSDEEP

3072:crNlKNds57u7oqWHgsRZei9ZPRfBdgQUFml4kw/Gdv2Q0r+F:cr+NdWtqWP3ZqQl4X/0v10

Score

N/A

Malware Config

Signatures

Files

9f406016ab8faa2cf00bfb37ce4a04f31c49dae80b8321d8cdec351b52a6abc0
.exe windows x86

3353c280760220502f4a144b48029552

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteConsoleW
WriteConsoleW
SetEvent
GetModuleHandleA
GetLastError
IsBadCodePtr
CreatePipe
ReleaseMutex
CopyFileW
GetPriorityClass
IsValidLocale
GetStartupInfoA
GetFileAttributesA
DisconnectNamedPipe
lstrlenW
IsBadStringPtrA
HeapCreate
lstrcpyW
CloseHandle
WriteConsoleW
GetCurrentDirectoryA

msftedit

SetCustomTextOutHandlerEx
RichEditWndProc
RichListBoxWndProc
RichComboBoxWndProc

shell32

StrChrA
SHGetSettings
ExtractIconA
DragQueryFileA
SHGetDiskFreeSpaceA
ShellMessageBoxA
DuplicateIcon
SHGetDiskFreeSpaceA
ShellMessageBoxA
ShellAboutA
SHGetMalloc
DragAcceptFiles
SHGetMalloc

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 81B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy