8ca7b2b9b658160ad5789c46b1edc3fb8622546460c7f4e1dbd56a44bc20185e | Triage

Submit
Reports

Overview

overview

Static

static

8ca7b2b9b6...5e.exe

windows7-x64

8ca7b2b9b6...5e.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8ca7b2b9b658160ad5789c46b1edc3fb8622546460c7f4e1dbd56a44bc20185e.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

8ca7b2b9b658160ad5789c46b1edc3fb8622546460c7f4e1dbd56a44bc20185e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

8ca7b2b9b658160ad5789c46b1edc3fb8622546460c7f4e1dbd56a44bc20185e
Size

127KB
MD5

6d9a5ee61a292c2223c1422e677ad640
SHA1

650443fd0b31297f36aaa5a08fc423070039c016
SHA256

8ca7b2b9b658160ad5789c46b1edc3fb8622546460c7f4e1dbd56a44bc20185e
SHA512

0095c274f30ce78b9d4bf0eb36c44d82c666a45a78683669bee220d1d0fa68c1fd406b2cea2050b88d5ef1116d1b91d48cabd0cd3205e08494ee24dd13a05a7a
SSDEEP

3072:DT6wVVSrtRdK3NgV93C8in7D0FU3Y84JqL1Jqhs:DTfbetKa+Nv0Y4J01w

Score

N/A

Malware Config

Signatures

Files

8ca7b2b9b658160ad5789c46b1edc3fb8622546460c7f4e1dbd56a44bc20185e
.exe windows x86

46a7085f164031a648e3bab23c316be0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualProtect
ResumeThread
HeapSize
GetFileAttributesW
SuspendThread
CreateFileW
SetFilePointer
LeaveCriticalSection
GlobalSize
GetLocaleInfoA
lstrlenA
GetStdHandle
SetEvent
GetVersionExA
GetModuleFileNameA
IsValidLocale
GetModuleHandleA
GetProcessHeap
CreateFileW
GetPriorityClass
HeapDestroy
CreateMutexW
IsBadReadPtr
CreateDirectoryA
GetCurrentThreadId

user32

DispatchMessageA
DestroyMenu
LoadCursorA
GetWindowLongA
wsprintfA
DestroyIcon
SetCursor
DrawIcon
GetWindowTextA
GetWindowLongA
PeekMessageA
GetScrollInfo
SetRect

duser

GetGadget
GetGadgetRect
GetGadgetFocus
GetDebug

advapi32

IsValidAcl

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy