1c788c5a89a81e73049920312c581dd1942c3b77c5cb0a857d6ef6ce066715e3 | Triage

Submit
Reports

Overview

overview

Static

static

1c788c5a89...e3.exe

windows7-x64

1c788c5a89...e3.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1c788c5a89a81e73049920312c581dd1942c3b77c5cb0a857d6ef6ce066715e3.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

1c788c5a89a81e73049920312c581dd1942c3b77c5cb0a857d6ef6ce066715e3.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1c788c5a89a81e73049920312c581dd1942c3b77c5cb0a857d6ef6ce066715e3
Size

132KB
MD5

4a7f18041afd56a2b68d6ba07159530d
SHA1

47e5289e5cd3aef8ca0b5fc652d3210f1edff815
SHA256

1c788c5a89a81e73049920312c581dd1942c3b77c5cb0a857d6ef6ce066715e3
SHA512

ab5397d2475e992a39e8eff335c308b7d4541c75610e3f637b65c68252c3136eadcf42845aeaff43c252e826456db95b47fafa6485e2d4f4c399474bf3fede19
SSDEEP

1536:nEMNXTOKtG+fkDdkuAa+0OA9rfVAH41iPxWYchB0f/xxO6skX9C262SF3Iea:nEM4iDirfVA+GJ8mx4aC263z

Score

N/A

Malware Config

Signatures

Files

1c788c5a89a81e73049920312c581dd1942c3b77c5cb0a857d6ef6ce066715e3
.exe windows x86

3ec3d3f4b82a101d1a526efdf4e6d882

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalLock
DeviceIoControl
GetStdHandle
OpenMutexA
GetPrivateProfileIntW
FindVolumeClose
GetDriveTypeA
CreateEventW
CloseHandle
GetPrivateProfileSectionA
DeviceIoControl
HeapFree
HeapDestroy
LoadLibraryA
DeleteFileA
GetFileAttributesA
GetStringTypeA
lstrlenA
GetCurrentProcess
VirtualProtectEx
GetCurrentThread

uxtheme

GetThemeTextExtent
GetThemeTextMetrics
GetWindowTheme
DrawThemeEdge
CloseThemeData
GetThemeSysSize
SetWindowTheme
DrawThemeBackground
CloseThemeData
IsThemeActive
OpenThemeData
GetThemeColor
GetThemeBool

odbccp32

SQLConfigDataSource
SQLInstallDriver
SQLInstallODBC
SQLGetAvailableDrivers

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy