59a9da29de99f508d0c3b96141b75724cc190cb85a20d22328c85541aa056545 | Triage

Submit
Reports

Overview

overview

Static

static

59a9da29de...45.exe

windows7-x64

59a9da29de...45.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

59a9da29de99f508d0c3b96141b75724cc190cb85a20d22328c85541aa056545.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

59a9da29de99f508d0c3b96141b75724cc190cb85a20d22328c85541aa056545.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

59a9da29de99f508d0c3b96141b75724cc190cb85a20d22328c85541aa056545
Size

291KB
MD5

7d17af38234e800bc5581edc70bbe3b8
SHA1

8863707565d3d0acdd8ff179cb345036877eb7d4
SHA256

59a9da29de99f508d0c3b96141b75724cc190cb85a20d22328c85541aa056545
SHA512

9b5d2e665b5fcaaa4ac43fd36d2f311d69b461d2ad8ac97fbc079b6283ba5b9bd062286963fcf87aa8f7caa807ea38539b553e1b67226eee9af0004a8ee3622e
SSDEEP

6144:XoodyGzqG/f0E164NlT0a0yaoFETDJikedtNpKM2YjdAqeoOBVQ:XNdyGuG/f0E/NqamTAkCQmAXf

Score

N/A

Malware Config

Signatures

Files

59a9da29de99f508d0c3b96141b75724cc190cb85a20d22328c85541aa056545
.exe windows x86

8a0d550c2c7914aa1b8eba32eca9b103

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameW
GetLocaleInfoA
GetDateFormatA
SetFilePointer
WriteConsoleA
RtlUnwind
TlsSetValue
HeapSize
IsValidCodePage
VirtualAlloc
GetTimeFormatA
GetACP
GetConsoleOutputCP
EnumResourceNamesA
GetCPInfo
TlsAlloc
HeapReAlloc
GetCPInfoExW
MultiByteToWideChar
TlsGetValue
GetOEMCP
SetStdHandle
RaiseException

shlwapi

SHCreateStreamOnFileA
PathAppendW
PathIsContentTypeW
SHCreateStreamOnFileEx
PathIsFileSpecW
PathCreateFromUrlA

occache

FindControlClose

Sections

.text
Size: 135KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy