0a4f990f5c846103746ccf9fa7372315f3e289c065f2401c05fbc022ea25d02d | Triage

Submit
Reports

Overview

overview

Static

static

0a4f990f5c...2d.exe

windows7-x64

0a4f990f5c...2d.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

0a4f990f5c846103746ccf9fa7372315f3e289c065f2401c05fbc022ea25d02d.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0a4f990f5c846103746ccf9fa7372315f3e289c065f2401c05fbc022ea25d02d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

0a4f990f5c846103746ccf9fa7372315f3e289c065f2401c05fbc022ea25d02d
Size

137KB
MD5

655c8b9f1c33060011e2ef060bc3c630
SHA1

22ec15a0fee26e264c0bcf57c17ef133bfd431c9
SHA256

0a4f990f5c846103746ccf9fa7372315f3e289c065f2401c05fbc022ea25d02d
SHA512

5a6af0c34bb539a6011be4ea360706637e856f9a246e3a49f55da187a94a43be5b5317d03c1ffaea332830fbcf3e8e2735e5f95d5de26d36d912ebf3dae0e462
SSDEEP

3072:+HEHLCTb5+BfsqLLiSHenqMB1L4nr91O/2UOqwcb1u:/HLC/cBfsqLLdxyBiyONcxu

Score

N/A

Malware Config

Signatures

Files

0a4f990f5c846103746ccf9fa7372315f3e289c065f2401c05fbc022ea25d02d
.exe windows x86

35c5992d7a643aa48b2d2ee74bfb5f01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TlsGetValue
RemoveDirectoryW
GetFileAttributesA
GetDriveTypeW
HeapSize
GetExitCodeThread
GetModuleHandleA
GetLocaleInfoA
VirtualProtect
MapViewOfFile
FindResourceA
GetTickCount
GetCurrentProcess
IsBadWritePtr
GetStringTypeA
CreateDirectoryW
LocalLock
IsValidCodePage
FindClose
SetLastError
GetFileAttributesA

user32

wsprintfW
GetCapture
PostMessageW
LoadCursorA
DispatchMessageA
SetCursor
IsWindow
IsDialogMessageA
PeekMessageW
SetFocus
LoadImageW
GetWindowTextW
GetWindowLongW

msaatext

DllUnregisterServer
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy