481d574b880d8d308752f7d67e9c7013bfb9b37a6dc6e9d4ad683f897d469bd4 | Triage

Submit
Reports

Overview

overview

Static

static

481d574b88...d4.exe

windows7-x64

481d574b88...d4.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

481d574b880d8d308752f7d67e9c7013bfb9b37a6dc6e9d4ad683f897d469bd4.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

481d574b880d8d308752f7d67e9c7013bfb9b37a6dc6e9d4ad683f897d469bd4.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

481d574b880d8d308752f7d67e9c7013bfb9b37a6dc6e9d4ad683f897d469bd4
Size

119KB
MD5

96486a5a369bd0c61b4841a32556cd00
SHA1

115c6a04f01eb660560d6bf501f3a4c68b67f654
SHA256

481d574b880d8d308752f7d67e9c7013bfb9b37a6dc6e9d4ad683f897d469bd4
SHA512

880e3b6e0fbb8160999d163ac19c2ff77a354665bf9608654dc5fc258713c52be72e7108a65bbd1db03259003d7fa96c958f386b74ecb700a8d1c735c3ab2022
SSDEEP

3072:99cr95ulmI9qIhJaAe4ba+zv3KhjOAJZp9OQinFx:QrunPLTGwP2OOZpE

Score

N/A

Malware Config

Signatures

Files

481d574b880d8d308752f7d67e9c7013bfb9b37a6dc6e9d4ad683f897d469bd4
.exe windows x86

db494aa861a093feb5f892f27956b4b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLogicalDrives
ReleaseMutex
GetStringTypeW
FindAtomW
HeapDestroy
SetEvent
VirtualProtect
lstrlenW
ReadConsoleA
HeapSize
LoadLibraryW
GetPrivateProfileSectionW
CloseHandle
GetDriveTypeW
GetFileAttributesA
Sleep
GetLastError
GetStartupInfoA
ReadConsoleA
CopyFileA
ReadConsoleA

dsprop

FindSheet
MsgBox
ReportError
MsgBox
MsgBox
CheckADsError
ReportError
ErrMsg
ErrMsg
ErrMsg
FindSheet
CheckADsError
FindSheet

gpedit

DllCanUnloadNow
ExportRSoPData
DllGetClassObject
BrowseForGPO

Sections

.text
Size: 1024B - Virtual size: 789B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 266B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.export
Size: 512B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy