8b5a7b928fc5ba509534544d802278561dd76d624182aaacd3d48f6aa3df95de | Triage

Submit
Reports

Overview

overview

Static

static

8b5a7b928f...de.exe

windows7-x64

8b5a7b928f...de.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8b5a7b928fc5ba509534544d802278561dd76d624182aaacd3d48f6aa3df95de.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

8b5a7b928fc5ba509534544d802278561dd76d624182aaacd3d48f6aa3df95de.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

8b5a7b928fc5ba509534544d802278561dd76d624182aaacd3d48f6aa3df95de
Size

137KB
MD5

5f3df398c8e3d712d5fb9e91e4fa4fb0
SHA1

3b94a27e337e16a334d2f4f6f9001a03d0e75dac
SHA256

8b5a7b928fc5ba509534544d802278561dd76d624182aaacd3d48f6aa3df95de
SHA512

b3ba280c9f1e1eea2d7ddd65d2401ead00e5581708a8ed8fd688513cc51e487c3bba8f60804a1f6f74817533385e5127e572663eef72388ac22d6d2d9ae20461
SSDEEP

3072:LtgmqpUmxOdzAJ1ntqUoKPpJuW4nbS4kcC:o1boKPDuW4n24nC

Score

N/A

Malware Config

Signatures

Files

8b5a7b928fc5ba509534544d802278561dd76d624182aaacd3d48f6aa3df95de
.exe windows x86

fb1e560b3d44e14f71f781df53a8f159

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsValidCodePage
GetLocaleInfoW
TlsGetValue
RemoveDirectoryW
GetStringTypeA
LocalLock
FindResourceW
HeapFree
GetExitCodeThread
GetDriveTypeW
IsBadWritePtr
GetCurrentProcess
GetModuleHandleA
GetFileAttributesA
FindClose
MapViewOfFile
GetFileAttributesA
VirtualProtect
GetTickCount
SetLastError
CreateDirectoryW

user32

SetFocus
wsprintfW
GetWindowLongW
LoadCursorA
SetCursor
PostMessageW
PeekMessageW
DispatchMessageA
IsDialogMessageA
GetWindowTextW
LoadStringA
LoadImageW
IsWindow

msctf

DllUnregisterServer
TF_InitSystem
DllCanUnloadNow
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy