57d9f2df623008c966baa1bc27dd99d9b895b7b1b6d53ff882d73045a12145f4 | Triage

Submit
Reports

Overview

overview

Static

static

57d9f2df62...f4.exe

windows7-x64

57d9f2df62...f4.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

57d9f2df623008c966baa1bc27dd99d9b895b7b1b6d53ff882d73045a12145f4.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

57d9f2df623008c966baa1bc27dd99d9b895b7b1b6d53ff882d73045a12145f4.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

57d9f2df623008c966baa1bc27dd99d9b895b7b1b6d53ff882d73045a12145f4
Size

134KB
MD5

73dd7a13f1a82ca7262a2f3c38498b50
SHA1

9b42e11d30bdcada4f38f51b976aeda45004079b
SHA256

57d9f2df623008c966baa1bc27dd99d9b895b7b1b6d53ff882d73045a12145f4
SHA512

ea888337b00e4866d2bf7c61350dcca8084427c5bfe8ad7521ae59c90b416fa9c69ec0de25a55151d4199169220d17d19f133725c2b4be575451c35b755f945b
SSDEEP

3072:CZD9IdkJO9jYfm9nM1RnOC6u/wESBf6fY2xv9:QEF9v68KsBf6g2xv

Score

N/A

Malware Config

Signatures

Files

57d9f2df623008c966baa1bc27dd99d9b895b7b1b6d53ff882d73045a12145f4
.exe windows x86

c40c1c9ebb2f824e9f5e7a0094fc398c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetExitCodeThread
GetCurrentProcess
VirtualProtectEx
GetStringTypeA
RemoveDirectoryW
IsValidCodePage
SetPriorityClass
HeapFree
GetTickCount
SetLastError
CreateDirectoryW
FindResourceW
LocalLock
GetFileAttributesW
GetFileAttributesW
CreateEventA
FindClose
GetModuleHandleA
SuspendThread
TlsGetValue
GetLocaleInfoW

advapi32

RegEnumKeyA
IsValidSid
RegQueryValueW
IsTextUnicode
ControlService
IsValidAcl
IsValidSecurityDescriptor
RegCreateKeyExW
CreateProcessAsUserA
InitializeSid
ClearEventLogW
CreateServiceW
RegDeleteValueA

msctf

DllUnregisterServer
DllCanUnloadNow
DllUnregisterServer
TF_InitSystem

uxtheme

CloseThemeData

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy