6a89644addc79580fa2d77d92a381c34c5b1509e6321a62c2ae9eb802fe505cd | Triage

Submit
Reports

Overview

overview

Static

static

6a89644add...cd.exe

windows7-x64

6a89644add...cd.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6a89644addc79580fa2d77d92a381c34c5b1509e6321a62c2ae9eb802fe505cd.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

6a89644addc79580fa2d77d92a381c34c5b1509e6321a62c2ae9eb802fe505cd.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

6a89644addc79580fa2d77d92a381c34c5b1509e6321a62c2ae9eb802fe505cd
Size

119KB
MD5

69c751c5c99532d4598d3538e7d6e6c1
SHA1

c0b04aa6d97ed2d899e4d46d75a329c7be96981e
SHA256

6a89644addc79580fa2d77d92a381c34c5b1509e6321a62c2ae9eb802fe505cd
SHA512

b5f7a930b105a428ec79c1aca2c092e81a2b7eb3c4fa32de56be32e9927c4b67e075c00bdd87e466e60e15802f80f9dd872491e83f78cb9c9c5377e88dc0cfcd
SSDEEP

1536:fJUvF58R/CEYq6yAfQiBiN6yjIl8g4oI1+42BEVpzID1EUJNw7KjMaG5aC+aFPpN:fWvFAXYq8cN6nne+gfK6+QaG5pFkml

Score

N/A

Malware Config

Signatures

Files

6a89644addc79580fa2d77d92a381c34c5b1509e6321a62c2ae9eb802fe505cd
.exe windows x86

22f333171d13fb53dac418d8e4ec5c53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetPrivateProfileIntA
lstrcpyW
GetLocaleInfoW
GetFullPathNameA
GetNumberFormatA
TlsAlloc
TlsAlloc
GetModuleFileNameW
TlsGetValue
lstrcpyW
lstrcpyW
CreateEventA
VirtualAlloc
FindNextVolumeW
DeleteFileA
GetCurrentProcess
lstrcpyW
GetModuleHandleA
SetCurrentDirectoryA
lstrlenW
GetStartupInfoW
SetConsoleTitleA

untfs

Recover
ChkdskEx
Format
Extend

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EDATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy