0b1c4a176db6f7cac005c4261dc2a405ae89964ebb3bb332f378c9f0ae48c8aa | Triage

Submit
Reports

Overview

overview

Static

static

0b1c4a176d...aa.exe

windows7-x64

0b1c4a176d...aa.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0b1c4a176db6f7cac005c4261dc2a405ae89964ebb3bb332f378c9f0ae48c8aa.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

0b1c4a176db6f7cac005c4261dc2a405ae89964ebb3bb332f378c9f0ae48c8aa.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

0b1c4a176db6f7cac005c4261dc2a405ae89964ebb3bb332f378c9f0ae48c8aa
Size

279KB
MD5

3064e9e60d5dc2329348911c10c32da2
SHA1

ed07139bf0b8352ddde336b55fc9821ded190bb5
SHA256

0b1c4a176db6f7cac005c4261dc2a405ae89964ebb3bb332f378c9f0ae48c8aa
SHA512

6b02d6fefa15451274450e64d53f9b49c8fe02534b541ec72b54febd3628f27f9d66a2f6eba6ab3fba85774483221b59e4a0d9d03d62ff6616d55df798576064
SSDEEP

6144:L2tOu3X/UoM4vDZLPMsaRqMuxdGS+TSOdsCX1tbpjF:Y9H/U34vDBKRVY+rFpj

Score

N/A

Malware Config

Signatures

Files

0b1c4a176db6f7cac005c4261dc2a405ae89964ebb3bb332f378c9f0ae48c8aa
.exe windows x86

0d3b446e1ea411a983b70b158266fc00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadCodePtr
GetDiskFreeSpaceA
VirtualProtect
GetStringTypeW
AddAtomW
FindFirstFileA
GetFileAttributesA
FlushFileBuffers
UnhandledExceptionFilter
WideCharToMultiByte
FreeEnvironmentStringsA
GetEnvironmentStrings
IsBadReadPtr
LCMapStringW
EnumResourceNamesA
SetFilePointer
CreateFileA
SetUnhandledExceptionFilter
GetStringTypeA
WriteFile
GetStringTypeExA
GetEnvironmentStringsW
GetThreadLocale
FreeEnvironmentStringsW
GetOEMCP
GetFullPathNameA
GetCPInfo
ReadFile
SetStdHandle
LCMapStringA
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
PathIsContentTypeA
PathAppendA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 138KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy