d26420328910e456ffef0645eb32e55553f44e225929dd3ac63f44a8432ed72b | Triage

Submit
Reports

Overview

overview

Static

static

d264203289...2b.exe

windows7-x64

d264203289...2b.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d26420328910e456ffef0645eb32e55553f44e225929dd3ac63f44a8432ed72b.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

d26420328910e456ffef0645eb32e55553f44e225929dd3ac63f44a8432ed72b.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

d26420328910e456ffef0645eb32e55553f44e225929dd3ac63f44a8432ed72b
Size

137KB
MD5

91d8a1bcf3cfcfe2bbd1dd153f72b3ec
SHA1

cda7897a6e66fe5439408a1fe2c6bc9a30675faf
SHA256

d26420328910e456ffef0645eb32e55553f44e225929dd3ac63f44a8432ed72b
SHA512

82e548e28cd0a98bc86fd44ee93b5f86b9d4a7cc6355bc377f91cf6b6df4aa4eac3300d562953edb98c8d45ba062efe016312581dd8a09556af557b8771c94a2
SSDEEP

3072:HyTWMT7NXwzXR8ROZOlgayqsNST1iyeuXJLcXelOjpmTlU2aaI6TGII:yOZWgaHsS4yeu5LtQIlnIaI

Score

N/A

Malware Config

Signatures

Files

d26420328910e456ffef0645eb32e55553f44e225929dd3ac63f44a8432ed72b
.exe windows x86

032bfd859821c2360bc1efc4472f81fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

MapViewOfFile
GetLocaleInfoW
VirtualProtect
FindClose
IsValidCodePage
SetLastError
GetDriveTypeW
LocalLock
GetExitCodeThread
GetCurrentProcess
GetModuleHandleA
RemoveDirectoryW
GetTickCount
GetFileAttributesA
CreateDirectoryW
GetStringTypeA
GetFileAttributesA
HeapFree
IsBadWritePtr
FindResourceW
TlsGetValue

user32

IsWindow
LoadStringA
LoadImageW
PostMessageW
IsDialogMessageA
GetWindowTextW
PeekMessageW
DispatchMessageA
wsprintfW
SetFocus
SetCursor
LoadCursorA
GetWindowLongW

msctf

TF_InitSystem
DllCanUnloadNow
DllUnregisterServer
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy