7a76f9f79275444556a409c7dfc24b12b01e52f1ed2a84c19da60787b7d5a5f8 | Triage

Submit
Reports

Overview

overview

Static

static

7a76f9f792...f8.exe

windows7-x64

7a76f9f792...f8.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

7a76f9f79275444556a409c7dfc24b12b01e52f1ed2a84c19da60787b7d5a5f8.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

7a76f9f79275444556a409c7dfc24b12b01e52f1ed2a84c19da60787b7d5a5f8.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

7a76f9f79275444556a409c7dfc24b12b01e52f1ed2a84c19da60787b7d5a5f8
Size

134KB
MD5

9084cf44ff8cc8dbe74c930e3ec1a1e0
SHA1

713399bcdf49612821ae24bd480b982196aed1d3
SHA256

7a76f9f79275444556a409c7dfc24b12b01e52f1ed2a84c19da60787b7d5a5f8
SHA512

d93f718124b50ae6c210821044a8976dec82430600b3a38cd97f4381b783090d5191f78345a3a3cad87930b581c1c4fd388dfbe6a499549d830f82ac04aa89b0
SSDEEP

1536:Coo4vW5mri9fIoBoU6fF3g7vGYepde5IJLAOxgGDf446PdDybV2Pf5TtogO8zfi/:iHKdg7BEgoQZDBqgO8zfiLuh02JW9

Score

N/A

Malware Config

Signatures

Files

7a76f9f79275444556a409c7dfc24b12b01e52f1ed2a84c19da60787b7d5a5f8
.exe windows x86

5a2f8dafa92726bb0879ca05689b1e2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesW
GetTickCount
CreateDirectoryW
GetLocaleInfoW
VirtualProtectEx
GetFileAttributesW
CreateEventA
SuspendThread
GetExitCodeThread
SetPriorityClass
FindClose
LocalLock
HeapFree
GetCurrentProcess
TlsGetValue
GetModuleHandleA
IsValidCodePage
SetLastError
RemoveDirectoryW
FindResourceW
GetStringTypeA

advapi32

IsValidAcl
RegEnumKeyA
InitializeSid
IsValidSecurityDescriptor
RegQueryValueW
ControlService
CreateProcessAsUserA
IsValidSid
IsTextUnicode
ClearEventLogW
RegCreateKeyExW
CreateServiceW
RegDeleteValueA

msctf

DllUnregisterServer
TF_InitSystem
DllUnregisterServer
DllCanUnloadNow

uxtheme

CloseThemeData

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy