da6532136212580783fc0f1e12c86aa03b633b21cb426006c9a0a110fed292fd | Triage

Submit
Reports

Overview

overview

Static

static

da65321362...fd.exe

windows7-x64

da65321362...fd.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

da6532136212580783fc0f1e12c86aa03b633b21cb426006c9a0a110fed292fd.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

da6532136212580783fc0f1e12c86aa03b633b21cb426006c9a0a110fed292fd.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

da6532136212580783fc0f1e12c86aa03b633b21cb426006c9a0a110fed292fd
Size

111KB
MD5

68be81dfad575d12cce929dc53c0bc50
SHA1

f98312166c5767f581f47e7021a9b1462ea52c7c
SHA256

da6532136212580783fc0f1e12c86aa03b633b21cb426006c9a0a110fed292fd
SHA512

f15e2e6162b69c31df46a35b422901133a40ae1a59b9019b1b9d07d161087e7b5679470a142256bc76a7d96f3bd689a1dbc4916f8275c87306a084b2bbc4d94f
SSDEEP

3072:ARY5hR7GOpVuuLNt6WFtpZVNT/RcPHFw1G:fw+RRweZnLRcPluG

Score

N/A

Malware Config

Signatures

Files

da6532136212580783fc0f1e12c86aa03b633b21cb426006c9a0a110fed292fd
.exe windows x86

7047628297c6fa931472fd83285857e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetEvent
WriteConsoleW
GetCommandLineA
Sleep
WriteConsoleW
GetStartupInfoA
ResumeThread
DeleteFileA
lstrlenW
VirtualProtect
VirtualQueryEx
WriteConsoleW
GetProcessHeap
CopyFileA
GetStdHandle
HeapDestroy
lstrcpyA
GetDriveTypeW
GetFileAttributesW
GetPrivateProfileSectionW
GetModuleHandleA

mmcndmgr

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServer

cryptui

CryptUIStartCertMgr
CryptUIDlgViewContext
CryptUIWizImport
CryptUIWizDigitalSign
DllUnregisterServer
WizardFree
DllRegisterServer
WizardFree
LocalEnrollNoDS
CryptUIWizBuildCTL
LocalEnroll
CryptUIWizExport
LocalEnroll

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.expimp
Size: 1024B - Virtual size: 769B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy