c41a263698968f4b973f247b0f9a1498a6eaae759454cefa119d72af78fcf6bb | Triage

Submit
Reports

Overview

overview

Static

static

c41a263698...bb.exe

windows7-x64

c41a263698...bb.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c41a263698968f4b973f247b0f9a1498a6eaae759454cefa119d72af78fcf6bb.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

c41a263698968f4b973f247b0f9a1498a6eaae759454cefa119d72af78fcf6bb.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c41a263698968f4b973f247b0f9a1498a6eaae759454cefa119d72af78fcf6bb
Size

126KB
MD5

71e1865c729fca2543336390090fc450
SHA1

03be9104cfe1f1c45f888348b72c4d912d9c089a
SHA256

c41a263698968f4b973f247b0f9a1498a6eaae759454cefa119d72af78fcf6bb
SHA512

d2d00dbb4a5a4eac5a9249bf7f21c680785c05cbb71c1e5fd417e39b9a57138de54a8d7e48022c7fcdc47f078bd5ff6597b7d469ab30c3f651ec7ef9b7458301
SSDEEP

1536:UfLiZCmqzULwgH66El82RLz6AuiYnotL1uRL7xLv7SoENAGLzAeNFiMAnM6vMrKR:ALi8fMCq2RLiisot4dLveTUe/iVl

Score

N/A

Malware Config

Signatures

Files

c41a263698968f4b973f247b0f9a1498a6eaae759454cefa119d72af78fcf6bb
.exe windows x86

81ebcdac28752f48345b9e6386a75e4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetCommBreak
CreateEventA
GetCurrentProcess
GetPrivateProfileSectionA
GetVersionExA
DeviceIoControl
GetFileAttributesW
VirtualProtectEx
GetLocaleInfoW
GetCurrentThread
GlobalLock
LocalFlags
FindClose
CreateDirectoryW
SetLastError
HeapFree
TlsGetValue
GetFileAttributesW
GetStringTypeA
RemoveDirectoryW
GetModuleHandleA

user32

DispatchMessageA
PeekMessageW
PostMessageW
LoadCursorA
IsWindow
SetCursor
DefDlgProcA
GetWindowLongW
wsprintfW
SetFocus
SetCursorPos
GetWindowTextW
IsDialogMessageA

msorcl32

SQLError
SQLConnect
SQLCancel
SQLDisconnect

ntshrui

IsPathSharedA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy