9f29c72a3d2b877c20e055e526622bf0b1a3236beb20524e086ba1ec3b607863 | Triage

Submit
Reports

Overview

overview

Static

static

9f29c72a3d...63.exe

windows7-x64

9f29c72a3d...63.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9f29c72a3d2b877c20e055e526622bf0b1a3236beb20524e086ba1ec3b607863.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9f29c72a3d2b877c20e055e526622bf0b1a3236beb20524e086ba1ec3b607863.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

9f29c72a3d2b877c20e055e526622bf0b1a3236beb20524e086ba1ec3b607863
Size

120KB
MD5

66161aeb88bde3173c220fdf17b663da
SHA1

ee6f8f6a2042bdf979727ca78543b4ffdfce8b39
SHA256

9f29c72a3d2b877c20e055e526622bf0b1a3236beb20524e086ba1ec3b607863
SHA512

d6645c3fb4a2df09a62050e58de8f195e2d5372feef215f91f9d9d468879cf61ab6821900e0dd788b2235970504eca500390ea4791cd793833748234cf1b8959
SSDEEP

3072:G1S7zXeuSlyVMZsJH0BUo6GJZCP+t8jww:JXeuC+MBGo6ccP+t88w

Score

N/A

Malware Config

Signatures

Files

9f29c72a3d2b877c20e055e526622bf0b1a3236beb20524e086ba1ec3b607863
.exe windows x86

0a39195e6fcf3881d94fb3d64bf8ca6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
GetCommandLineA
ResetEvent
GetStdHandle
HeapSize
GetDriveTypeW
CancelIo
GetProcessHeap
CreateMailslotA
SetLastError
DeleteFileA
GetModuleHandleA
RemoveDirectoryA
GetFileAttributesA
ReadConsoleW
SetLocalTime
CreateDirectoryA
GetLocaleInfoA
ReleaseMutex
IsBadWritePtr
VirtualProtect

user32

DrawIcon
DestroyMenu
GetWindowLongW
GetCaretPos
PostMessageW
PeekMessageA
SetFocus
GetCapture
DispatchMessageA
GetWindowTextW
wsprintfA
SetCursor
LoadCursorA

filemgmt

DllGetClassObject
DllRegisterServer
DllRegisterServer
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy