1f219f065657593b662191ea01de47edb922642d91d7fda650b984b391bd5e31 | Triage

Submit
Reports

Overview

overview

Static

static

1f219f0656...31.exe

windows7-x64

1f219f0656...31.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

1f219f065657593b662191ea01de47edb922642d91d7fda650b984b391bd5e31.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

1f219f065657593b662191ea01de47edb922642d91d7fda650b984b391bd5e31.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1f219f065657593b662191ea01de47edb922642d91d7fda650b984b391bd5e31
Size

133KB
MD5

64ff3f86cd50f241312aa2c2acd8ee85
SHA1

525b4c6834841a2be1f3445ff0acebd3dc887298
SHA256

1f219f065657593b662191ea01de47edb922642d91d7fda650b984b391bd5e31
SHA512

66013ea229d411d5fd69cae3d19578a00e3347955d3c28e0b3ee0f8925014f27a7abaa080968a4b3d6eb2f18380412911176ca75ad56b20a5c41cbaf1402e1ac
SSDEEP

3072:2JCofF/DFBL5Xm2GtaDx3GnEaVfCNYgIpHY8sK:CD//L9oU3GnEaVQYL40

Score

N/A

Malware Config

Signatures

Files

1f219f065657593b662191ea01de47edb922642d91d7fda650b984b391bd5e31
.exe windows x86

92518b9070f2e4c02823a5d18f1b528d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeviceIoControl
CreateEventW
GetProcessHeap
DeleteFileA
SetLastError
GetDriveTypeA
VirtualProtectEx
ResumeThread
DeviceIoControl
HeapDestroy
GetPrivateProfileSectionA
LoadLibraryW
OpenMutexW
lstrlenA
GetFileAttributesA
TlsGetValue
GetStringTypeW
GetCurrentThread
HeapFree
ClearCommBreak
GetPrivateProfileIntW

rasapi32

DwCloneEntry
RasDialA
DwRasUninitialize
DwCloneEntry
DwEnumEntryDetails
RasDialA
RasDialA
DwEnumEntryDetails
DwRasUninitialize
RasDeleteEntryA
DwRasUninitialize
DwEnumEntryDetails
RasDeleteEntryA

pdh

PdhCloseLog
PdhGetLogFileTypeA
PdhAddCounterA
PdhGetLogFileSize

Sections

.text
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy