be7798f0170de45a3a02c5659ba982c13796a769947d42cf6caa46dd93c2e5ab | Triage

Submit
Reports

Overview

overview

Static

static

be7798f017...ab.exe

windows7-x64

be7798f017...ab.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

be7798f0170de45a3a02c5659ba982c13796a769947d42cf6caa46dd93c2e5ab.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

be7798f0170de45a3a02c5659ba982c13796a769947d42cf6caa46dd93c2e5ab.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

be7798f0170de45a3a02c5659ba982c13796a769947d42cf6caa46dd93c2e5ab
Size

131KB
MD5

66e576e9710bf812f3a27261215ae010
SHA1

d4fa35d565e83dbe734a97216c90d5f8cee034ca
SHA256

be7798f0170de45a3a02c5659ba982c13796a769947d42cf6caa46dd93c2e5ab
SHA512

28732ecb9e12f6e5a2c0ecb5191905f65c75629a347837dda1aa20886b01ab3061e8a5458198e7592cbf18d2153ba74fd47224fe85b65ffc4667e43370ae019d
SSDEEP

3072:IwXO3d+BSlLasPkYIt//t3B2EQdwsEb/lGS:9OUSlLaYKL2EQdwpbcS

Score

N/A

Malware Config

Signatures

Files

be7798f0170de45a3a02c5659ba982c13796a769947d42cf6caa46dd93c2e5ab
.exe windows x86

11d57c4ed91b0a1ad75932d192555e60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
GetFileAttributesA
GetPrivateProfileIntW
GetPrivateProfileSectionA
LoadLibraryA
GetCurrentProcess
DeviceIoControl
GetStdHandle
GetStringTypeA
OpenMutexA
GetCurrentThread
VirtualProtectEx
HeapFree
DeviceIoControl
FindVolumeClose
lstrlenA
HeapDestroy
LocalLock
GetDriveTypeA
CloseHandle
CreateEventW

uxtheme

GetWindowTheme
GetThemeColor
IsThemeActive
GetThemeSysSize
CloseThemeData
GetThemeTextMetrics
DrawThemeEdge
DrawThemeBackground
OpenThemeData
SetWindowTheme
CloseThemeData
GetThemeBool
GetThemeTextExtent

odbccp32

SQLGetAvailableDrivers
SQLInstallODBC
SQLConfigDataSource
SQLInstallDriver

msasn1

ASN1BERDecBool

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy