208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e | Triage

Submit
Reports

Overview

overview

Static

static

208eb701d7...2e.exe

windows7-x64

208eb701d7...2e.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e
Size

123KB
MD5

63b437bde6ea67f011857e072b25c200
SHA1

20a238b16c30b89f0cc81f6b22b959b33ff0e58e
SHA256

208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e
SHA512

885e4256bb5e3739c60642533caddf57392413ee540aeddad69627a67d21a1bda35f61b12d93d19a370e984beaddaa6a32fc6bb5e9b490d73655398ec98c4380
SSDEEP

1536:Y+wGJ9jgTxkYLRGPcjFjpzHppZV9Y0sghTG6nYa6QXqSpzOXqvxA1w+N:zexkYL8qd/9YTgXYtSpzcGxA1

Score

N/A

Malware Config

Signatures

Files

208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e
.exe windows x86

266e3bf04fa8bf2fffc0a5b617a0620c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapDestroy
TlsGetValue
GetCurrentProcess
ClearCommBreak
GetDriveTypeA
LoadLibraryA
VirtualProtectEx
lstrlenA
ResumeThread
HeapFree
GetProcessHeap
SetLastError
GetFileAttributesA
DeviceIoControl
OpenMutexW
CreateEventW
GetPrivateProfileIntW
GetPrivateProfileSectionA
DeviceIoControl
DeleteFileA
GetStringTypeA

uxtheme

CloseThemeData
GetWindowTheme
IsThemeActive
GetThemeColor
SetWindowTheme
DrawThemeBackground
GetThemeBool
GetThemeTextExtent
CloseThemeData
GetThemeSysSize
GetThemeTextMetrics
OpenThemeData
DrawThemeEdge

odbctrac

TraceSQLAllocEnv
TraceSQLAllocConnect
TraceSQLAllocStmt
TraceSQLBindCol

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy