e9403b30d624a82d38fa2c88ff4809d1a8d0bde4286926c2fe0251344f7dec99 | Triage

Submit
Reports

Overview

overview

Static

static

e9403b30d6...99.exe

windows7-x64

e9403b30d6...99.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e9403b30d624a82d38fa2c88ff4809d1a8d0bde4286926c2fe0251344f7dec99.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

e9403b30d624a82d38fa2c88ff4809d1a8d0bde4286926c2fe0251344f7dec99.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

e9403b30d624a82d38fa2c88ff4809d1a8d0bde4286926c2fe0251344f7dec99
Size

123KB
MD5

96577a5bfeb3a365591e9d035cf1eaa0
SHA1

660c09a7ccd6c132d249ff75e71bf0e8cbd2aad5
SHA256

e9403b30d624a82d38fa2c88ff4809d1a8d0bde4286926c2fe0251344f7dec99
SHA512

876d4c8fbabe6bc847dd6ec2f47fd5f7c32132cc40083aaceecb5673c278a7450aa41a20d56890bfc0e4bc4aa5e7ec94cb6223cfaa6e8ab96de5b5e55340d4e5
SSDEEP

3072:fYiLNMOOfBvgyat0ro4+BlIUc6fttkOsyWR9qnQur:QiLOp4Vq0OT63vAnq3

Score

N/A

Malware Config

Signatures

Files

e9403b30d624a82d38fa2c88ff4809d1a8d0bde4286926c2fe0251344f7dec99
.exe windows x86

33bb9efa3bfc52d66e724ce4fd6ade22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetCommandLineA
GetDriveTypeA
VirtualProtect
GetModuleHandleA
GetLocaleInfoA
CreateDirectoryA
WriteFile
GetPriorityClass
GetFileAttributesW
DeleteFileA
CreatePipe
SuspendThread
ResumeThread
SetLocalTime
HeapSize
GlobalSize
GetStdHandle
IsBadReadPtr
ReadConsoleW
GetProcessHeap
ResumeThread

user32

GetWindowLongA
SetCursor
GetWindowLongA
LoadCursorA
GetMessageA
DestroyIcon
wsprintfA
DrawIcon
SetRect
DispatchMessageA
DestroyMenu
GetWindowTextW
PeekMessageA

els

DllRegisterServer
DllUnregisterServer
DllGetClassObject
DllUnregisterServer

rasapi32

DwCloneEntry

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy