02b316fe5ddc0694c25e19d20965ac6b628220e157e5d991f323d5375cafb1ad | Triage

Submit
Reports

Overview

overview

Static

static

02b316fe5d...ad.exe

windows7-x64

02b316fe5d...ad.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

02b316fe5ddc0694c25e19d20965ac6b628220e157e5d991f323d5375cafb1ad.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

02b316fe5ddc0694c25e19d20965ac6b628220e157e5d991f323d5375cafb1ad.exe

Resource

win10v2004-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

02b316fe5ddc0694c25e19d20965ac6b628220e157e5d991f323d5375cafb1ad
Size

280KB
MD5

6299c9384311ae7e821778b412d3f034
SHA1

41f42df825d791c9d31399c38b905a7efd9a1c3f
SHA256

02b316fe5ddc0694c25e19d20965ac6b628220e157e5d991f323d5375cafb1ad
SHA512

948d448fc5a8d1c416981b0e2ff55d295160b255a06c6cc769eed6de2113cefdfb62ca27d6fbd61a5b1307a895bd6f74758f58fb58fe2611942461c297ff3d22
SSDEEP

6144:FUqlft6xu7cfp2z2Psiuwp2tDEo0hK1fz/+pj9hBjExO:FUqNtNwf+i+DEfK1zcDBjE8

Score

N/A

Malware Config

Signatures

Files

02b316fe5ddc0694c25e19d20965ac6b628220e157e5d991f323d5375cafb1ad
.exe windows x86

8e9972054c14c798162bf96b267c0790

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetEnvironmentStringsW
GlobalFindAtomA
GetOEMCP
GetFileAttributesA
IsBadReadPtr
FreeEnvironmentStringsA
WideCharToMultiByte
LCMapStringA
SetFilePointer
FindFirstFileA
FlushFileBuffers
SetStdHandle
GetCPInfo
EnumResourceNamesW
GetFullPathNameA
ReadFile
IsBadCodePtr
CreateFileA
GetStringTypeW
GetDiskFreeSpaceA
FreeEnvironmentStringsW
WriteFile
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeExW
VirtualProtect
LCMapStringW
GetEnvironmentStrings
GetThreadLocale
SetUnhandledExceptionFilter
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
PathIsContentTypeA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathAppendA
PathCreateFromUrlW

Sections

.text
Size: 144KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy