67e1286855300cc30a2518593a8072b7543fa3379fe9a4744360d4b76b1c81fd | Triage

Submit
Reports

Overview

overview

Static

static

67e1286855...fd.exe

windows7-x64

67e1286855...fd.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

67e1286855300cc30a2518593a8072b7543fa3379fe9a4744360d4b76b1c81fd.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

67e1286855300cc30a2518593a8072b7543fa3379fe9a4744360d4b76b1c81fd.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

67e1286855300cc30a2518593a8072b7543fa3379fe9a4744360d4b76b1c81fd
Size

119KB
MD5

7a9868555d7871590685362ed17e1f6e
SHA1

b8d662a57e9ab90b9eb1c99470d6984154dcd70d
SHA256

67e1286855300cc30a2518593a8072b7543fa3379fe9a4744360d4b76b1c81fd
SHA512

55e104992102e81453c5ba0b8ecba5bae66dafa73e340719d6161a141928f0a982936df562ee6d6ec0f39a94310e5fca1483b36f26d03a2365472405bc29d7ee
SSDEEP

1536:RVF0MWMHTl3XFv62Iy45KyaL9zADGBXxmSU3e6jB5ZtwnaHHHHHHnKfgmisnbQWW:Rb1WC3VvNI/654eYSurBRw5jisb9W

Score

N/A

Malware Config

Signatures

Files

67e1286855300cc30a2518593a8072b7543fa3379fe9a4744360d4b76b1c81fd
.exe windows x86

a0c2b602a78ac6492d8caf6047c31e6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreatePipe
CreateFileMappingW
CreateSemaphoreW
DeviceIoControl
FatalExit
GetModuleHandleW
InitializeCriticalSection
CreateMailslotA
DeleteFileA
VirtualAlloc
GetConsoleAliasA
GetACP
SetEnvironmentVariableA
SetVolumeLabelA
DeleteFileA
GetProcessHeap
SetCurrentDirectoryA
DeleteFileA
WriteConsoleW
GetShortPathNameW
InterlockedExchange
GetStringTypeW

mshtml

ShowHTMLDialog
ShowModelessHTMLDialog
ShowModalDialog
DllEnumClassObjects

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrs
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.afdr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy