df62e263583275ce9be88501838a415c0174cbb8d4b0d31d21c85289d1afe7f5 | Triage

Submit
Reports

Overview

overview

Static

static

df62e26358...f5.exe

windows7-x64

df62e26358...f5.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

df62e263583275ce9be88501838a415c0174cbb8d4b0d31d21c85289d1afe7f5.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

df62e263583275ce9be88501838a415c0174cbb8d4b0d31d21c85289d1afe7f5.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

df62e263583275ce9be88501838a415c0174cbb8d4b0d31d21c85289d1afe7f5
Size

131KB
MD5

6c129a2309018076359921c0cb56e380
SHA1

4925c0a485b586e618967f87a63c41a147b4a68d
SHA256

df62e263583275ce9be88501838a415c0174cbb8d4b0d31d21c85289d1afe7f5
SHA512

b827f9cfe9e5367eb1ecf0042afa85a8642da89535a04aa357c1bc98ea51a28af1a156926eed19504fcd432dc75f7f49313226103d8194c78c6447b4994f47a5
SSDEEP

3072:8piG3QVXysrerBVldvy44uXdrl27xs8N0/O7Ad:kID0BwadR268N0vd

Score

N/A

Malware Config

Signatures

Files

df62e263583275ce9be88501838a415c0174cbb8d4b0d31d21c85289d1afe7f5
.exe windows x86

757c803c3b089c3cb987a40361beb9f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCurrentThread
OpenMutexA
FindVolumeClose
CreateEventW
GetFileAttributesA
GetPrivateProfileSectionA
HeapDestroy
GetDriveTypeA
VirtualProtectEx
GetStdHandle
GetPrivateProfileIntW
LoadLibraryA
DeleteFileA
LocalLock
HeapFree
DeviceIoControl
GetStringTypeA
CloseHandle
GetCurrentProcess
lstrlenA
DeviceIoControl

uxtheme

GetThemeTextMetrics
CloseThemeData
CloseThemeData
GetThemeColor
SetWindowTheme
DrawThemeEdge
OpenThemeData
DrawThemeBackground
GetWindowTheme
GetThemeTextExtent
IsThemeActive
GetThemeSysSize
GetThemeBool

odbccp32

SQLConfigDataSource
SQLInstallODBC
SQLInstallDriver
SQLGetAvailableDrivers

msasn1

ASN1BERDecBool

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy