3531b35a3b463d02f77b66a385c5cce3168b2306088f2e726ab8c81679599812 | Triage

Submit
Reports

Overview

overview

Static

static

3531b35a3b...12.exe

windows7-x64

3531b35a3b...12.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3531b35a3b463d02f77b66a385c5cce3168b2306088f2e726ab8c81679599812.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3531b35a3b463d02f77b66a385c5cce3168b2306088f2e726ab8c81679599812.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

3531b35a3b463d02f77b66a385c5cce3168b2306088f2e726ab8c81679599812
Size

132KB
MD5

91232e89ee99859d43f1b2c0557cf030
SHA1

e22a68221188ddd38b947ac5024baacf8fd63f93
SHA256

3531b35a3b463d02f77b66a385c5cce3168b2306088f2e726ab8c81679599812
SHA512

6a436ad6366a4d3ea9e6144a7709f0a64ab181d1a1e5e0369357550c670487faf36f90643378d954fb24014c309b26601d1822c7ecb0b2632248aeedd208634b
SSDEEP

3072:GHt1MdrRwUTZXOsYPEwnb2iHByt4c4sIVSLzi:GHMdrHZSPX2iHdcxIVSXi

Score

N/A

Malware Config

Signatures

Files

3531b35a3b463d02f77b66a385c5cce3168b2306088f2e726ab8c81679599812
.exe windows x86

84f858c89aaf863f35ff24b0753f4f0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
VirtualProtect
GetModuleHandleA
GetConsoleMode
RemoveDirectoryW
GlobalLock
GetCurrentThreadId
InitializeCriticalSection
GetConsoleAliasA
CreateFileA
GetStartupInfoW
TlsGetValue
FindClose
GetProcessHeap
DeleteFileA
LocalFree
DeleteFileA
Sleep
CreateDirectoryA
EnterCriticalSection
GetModuleFileNameA
GetLocalTime
LeaveCriticalSection
ReadConsoleW
GetDriveTypeA

user32

GetWindowLongA
GetKeyState
GetSysColor
IsWindowVisible
GetWindowLongA
FillRect
PeekMessageA
MessageBoxA
GetWindowDC
IsWindowEnabled
DispatchMessageA
EqualRect
wsprintfA

d3d8thk

OsThunkDdBlt
OsThunkDdGetDC
OsThunkDdLock
OsThunkDdFlip

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy