332af82eaea803406e21fffb94049063b78ef14f7dab3c27cbb56ce3fe4cc74c | Triage

Submit
Reports

Overview

overview

Static

static

332af82eae...4c.exe

windows7-x64

332af82eae...4c.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

332af82eaea803406e21fffb94049063b78ef14f7dab3c27cbb56ce3fe4cc74c.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

332af82eaea803406e21fffb94049063b78ef14f7dab3c27cbb56ce3fe4cc74c.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

332af82eaea803406e21fffb94049063b78ef14f7dab3c27cbb56ce3fe4cc74c
Size

137KB
MD5

6ce95eb6c45d2a9f20b35df5a7d61a70
SHA1

d07c673a755acb20ab571dfd1fb07a040c46e471
SHA256

332af82eaea803406e21fffb94049063b78ef14f7dab3c27cbb56ce3fe4cc74c
SHA512

49d619f138e62ae3d4528ffa0976554d3ee1f489a6427ec8bf9651ac14b57499e35a32febbe298d634643a6a9c51505a8920e384c608d6c620fbea133a11a896
SSDEEP

3072:d2u+52lK8uTu3pSsS34d97pk70xyUEezPh:dC5abguEs5GYxEeL

Score

N/A

Malware Config

Signatures

Files

332af82eaea803406e21fffb94049063b78ef14f7dab3c27cbb56ce3fe4cc74c
.exe windows x86

351f5166ce754e619f74f31928b75f72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtectEx
GetCurrentThread
LocalLock
GetCurrentProcess
GetFileAttributesA
lstrlenA
GetDriveTypeA
GetPrivateProfileIntW
GetStdHandle
DeleteFileA
OpenMutexA
CreateEventW
GetPrivateProfileSectionA
CloseHandle
HeapDestroy
HeapFree
DeviceIoControl
LoadLibraryA
DeviceIoControl
GetStringTypeA
FindVolumeClose

uxtheme

GetThemeBool
GetThemeTextMetrics
GetThemeColor
CloseThemeData
IsThemeActive
SetWindowTheme
GetWindowTheme
OpenThemeData
CloseThemeData
GetThemeTextExtent
GetThemeSysSize
DrawThemeEdge
DrawThemeBackground

odbccp32

SQLConfigDataSource
SQLGetAvailableDrivers
SQLInstallODBC
SQLInstallDriver

msasn1

ASN1BERDecBool

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy