26f8be5e8c9d04972a5d5c525a9b2a4ce53121fbd10e6f9a06a291bdffa87d03 | Triage

Submit
Reports

Overview

overview

Static

static

26f8be5e8c...03.exe

windows7-x64

26f8be5e8c...03.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

26f8be5e8c9d04972a5d5c525a9b2a4ce53121fbd10e6f9a06a291bdffa87d03.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

26f8be5e8c9d04972a5d5c525a9b2a4ce53121fbd10e6f9a06a291bdffa87d03.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

26f8be5e8c9d04972a5d5c525a9b2a4ce53121fbd10e6f9a06a291bdffa87d03
Size

112KB
MD5

80c10fa914231e5962a70963dc1bb900
SHA1

0616c251bdded8de6c81833b651d33cb016582e9
SHA256

26f8be5e8c9d04972a5d5c525a9b2a4ce53121fbd10e6f9a06a291bdffa87d03
SHA512

3f0b120c39fe4ff7cfd6ad990bba024d8bb8ff14b6e4b4b6bfdf2b367e6553e34e34152c2f321a6174a3452637e5ae695d9c2d6ba906a4377cc2b95728c21ca8
SSDEEP

3072:XBPp+Zst2by0UqCil1jnoCS3/TxGoIsznKMs:R8Zs3id1cCm/NUsznl

Score

N/A

Malware Config

Signatures

Files

26f8be5e8c9d04972a5d5c525a9b2a4ce53121fbd10e6f9a06a291bdffa87d03
.exe windows x86

3b6d362c898288649fd3bc1324949331

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
HeapDestroy
GetProcessHeap
GetFileAttributesW
DisconnectNamedPipe
GetPriorityClass
VirtualProtect
GetStartupInfoA
CopyFileA
lstrcpyA
CreatePipe
ResumeThread
GetStdHandle
VirtualQueryEx
WriteConsoleW
WriteConsoleW
DeleteFileA
GetModuleHandleA
GetCommandLineA
SetEvent
WriteConsoleW

mmcndmgr

DllCanUnloadNow
DllRegisterServer
DllRegisterServer
DllGetClassObject

cryptui

CryptUIDlgViewContext
DllUnregisterServer
WizardFree
LocalEnrollNoDS
CryptUIWizDigitalSign
CryptUIStartCertMgr
CryptUIWizImport
WizardFree
CryptUIWizExport
DllRegisterServer
LocalEnroll
CryptUIWizBuildCTL
LocalEnroll

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 1024B - Virtual size: 769B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy