298ad4c7b963f7fc935a1b8d19af45cdc4c18fc9da5dd7aaa5db25b4b11bba53 | Triage

Submit
Reports

Overview

overview

Static

static

298ad4c7b9...53.exe

windows7-x64

298ad4c7b9...53.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

298ad4c7b963f7fc935a1b8d19af45cdc4c18fc9da5dd7aaa5db25b4b11bba53.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

298ad4c7b963f7fc935a1b8d19af45cdc4c18fc9da5dd7aaa5db25b4b11bba53.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

298ad4c7b963f7fc935a1b8d19af45cdc4c18fc9da5dd7aaa5db25b4b11bba53
Size

120KB
MD5

5d9a451c70618381e9365cc850110b60
SHA1

5e7fa052b7b25b5f5538abf977aa15e5e007e855
SHA256

298ad4c7b963f7fc935a1b8d19af45cdc4c18fc9da5dd7aaa5db25b4b11bba53
SHA512

15a80206d8d4d283ac0cfb91b07f0094035653c1005aaa9b6e4aa4a0c0f25789e0e70547f52c18ccb6dc285963711348c19509211e98ebafefd9b6849a6c7f4d
SSDEEP

3072:VgxoANI+Wm1RqkSEyvkvob/EcowZqW4QECtH:OxoANIc8lYobYw64

Score

N/A

Malware Config

Signatures

Files

298ad4c7b963f7fc935a1b8d19af45cdc4c18fc9da5dd7aaa5db25b4b11bba53
.exe windows x86

e4b24abcd445e218834c11712ee79915

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
IsBadReadPtr
WriteFile
SetLocalTime
GetPriorityClass
GetModuleHandleA
GlobalSize
ResetEvent
VirtualProtect
GetProcessHeap
ReadConsoleW
GetCommandLineA
SuspendThread
CreatePipe
GetLocaleInfoA
CreateDirectoryA
GetStdHandle
HeapSize
GetFileAttributesA
ReleaseMutex
GetDriveTypeA

user32

DispatchMessageA
SetCursor
SetFocus
wsprintfA
GetWindowLongW
LoadCursorA
GetCaretPos
PeekMessageA
GetWindowTextW
DrawIcon
GetCapture
DestroyMenu
GetMessageW

els

DllRegisterServer
DllRegisterServer
DllGetClassObject
DllGetClassObject

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy