b886cfacb3932260a18bb76fe3a006cf859efc6c25e9217d2f4c1fbd0169490d | Triage

Submit
Reports

Overview

overview

Static

static

b886cfacb3...0d.exe

windows7-x64

b886cfacb3...0d.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b886cfacb3932260a18bb76fe3a006cf859efc6c25e9217d2f4c1fbd0169490d.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b886cfacb3932260a18bb76fe3a006cf859efc6c25e9217d2f4c1fbd0169490d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b886cfacb3932260a18bb76fe3a006cf859efc6c25e9217d2f4c1fbd0169490d
Size

126KB
MD5

7960cc9e170001e6359d75ad02c5fed0
SHA1

c05fe764640810369c22db85fc4380cae42a9775
SHA256

b886cfacb3932260a18bb76fe3a006cf859efc6c25e9217d2f4c1fbd0169490d
SHA512

c76903c9d157d31ba875f3bb397276d7a6de33067900361e318a0e4eadd5eb50df9b28ac9fb3bffed1ad81d16bcbc1ed61f3b5233fa20a271076771d31e3887c
SSDEEP

3072:QxmqP2kn+2zOZZWsDH+/YSEsNydHzi/T0f9:85+2SHawSEsNydWIF

Score

N/A

Malware Config

Signatures

Files

b886cfacb3932260a18bb76fe3a006cf859efc6c25e9217d2f4c1fbd0169490d
.exe windows x86

bbb89892275f7ac56c350b7b9c07c7e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeviceIoControl
LocalFlags
TlsGetValue
GetFileAttributesW
HeapFree
RemoveDirectoryW
SetCommBreak
GetCurrentThread
SetLastError
GetCurrentProcess
GetFileAttributesW
FindClose
GetPrivateProfileSectionA
CreateDirectoryW
GetLocaleInfoW
CreateEventA
GlobalLock
VirtualProtectEx
GetVersionExA
GetStringTypeA
GetModuleHandleA

user32

DefDlgProcA
wsprintfW
PeekMessageW
SetCursor
IsWindow
GetWindowTextW
GetWindowLongW
LoadCursorA
IsDialogMessageA
DispatchMessageA
SetCursorPos
SetFocus
PostMessageW

msorcl32

SQLDisconnect
SQLError
SQLConnect
SQLCancel

ntshrui

IsPathSharedA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy