40e9dfd04d638fa7e126bf43e4efd7ffd2983694baf76f6017abf13f2564f2c4 | Triage

Submit
Reports

Overview

overview

Static

static

40e9dfd04d...c4.exe

windows7-x64

40e9dfd04d...c4.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

40e9dfd04d638fa7e126bf43e4efd7ffd2983694baf76f6017abf13f2564f2c4.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

40e9dfd04d638fa7e126bf43e4efd7ffd2983694baf76f6017abf13f2564f2c4.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

40e9dfd04d638fa7e126bf43e4efd7ffd2983694baf76f6017abf13f2564f2c4
Size

118KB
MD5

9229693c5f7dc55fe3dacefde2372f66
SHA1

81be3a14e0b1e7953c6bfa8e2828934b02d9aeae
SHA256

40e9dfd04d638fa7e126bf43e4efd7ffd2983694baf76f6017abf13f2564f2c4
SHA512

a3abbd420743d0360dc92d14dbc8a575773b57863342d7b6f4a5fe972b8427eba5c3363a1c19e01a1f6773d902a8025c3a9a427d25980e2418372cacf2deaa9b
SSDEEP

3072:rmOn/FMZ/zrhccvbp+ohKsiqfKLjtd3b5cMOP:CZ/PhjvMqsjG

Score

N/A

Malware Config

Signatures

Files

40e9dfd04d638fa7e126bf43e4efd7ffd2983694baf76f6017abf13f2564f2c4
.exe windows x86

9b72f2bb1f04aca685cbb5780fad691d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetFileTime
lstrcatA
GetFileSize
CreateMutexW
GetStartupInfoW
GetExitCodeProcess
LeaveCriticalSection
CreatePipe
SetFileTime
GetModuleHandleA
CloseHandle
FormatMessageW
IsBadWritePtr
lstrcpyA
InitializeCriticalSection
LoadLibraryW
FindResourceW
HeapCreate
ReadFile
GetLastError
SetFileTime

msi

MsiCollectUserInfoA
MsiDatabaseCommit
MsiConfigureFeatureA
MsiAdvertiseProductW

user32

DispatchMessageA
IsDialogMessageA
LoadCursorW
GetWindowLongW
IsWindow
MessageBoxA
GetWindowRect
SetFocus
PostMessageW
GetWindowTextA
PostMessageA
wsprintfA
PeekMessageW

clbcatq

SetSetupSave

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 193B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ole
Size: 512B - Virtual size: 129B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy