facdf53faf8fe7fa2da7debad8acaef3b4bcb9cae8f35916a2bc14df5f94974f | Triage

Submit
Reports

Overview

overview

Static

static

facdf53faf...4f.exe

windows7-x64

facdf53faf...4f.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

facdf53faf8fe7fa2da7debad8acaef3b4bcb9cae8f35916a2bc14df5f94974f.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

facdf53faf8fe7fa2da7debad8acaef3b4bcb9cae8f35916a2bc14df5f94974f.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

facdf53faf8fe7fa2da7debad8acaef3b4bcb9cae8f35916a2bc14df5f94974f
Size

119KB
MD5

a338af4d3f90e8adee1c2c55bd393d00
SHA1

b824545990c997d94c013c79de593d069b0b2471
SHA256

facdf53faf8fe7fa2da7debad8acaef3b4bcb9cae8f35916a2bc14df5f94974f
SHA512

5fead9f29c139a1408303bcefae2fb08eb8b08fb0d7c42b1e6d318e269ef8e4fcdb5575f656e517ca51d6de4b55f527392f898893f1a978bb0f2b47973b171ba
SSDEEP

1536:mAU9+trig4tnlc0YQkPd95J1gIgpLo2dvP5kG/jo2GvQNgmclGypQUzAywEc/nD9:mupdh1gzLo2dJrsQNgtdZzAyJ60s9mN

Score

N/A

Malware Config

Signatures

Files

facdf53faf8fe7fa2da7debad8acaef3b4bcb9cae8f35916a2bc14df5f94974f
.exe windows x86

fb8fa98f61dfc26f03d2d1533a8b8b1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
WriteConsoleW
lstrcpyA
GetFileAttributesW
VirtualProtect
GetProcessHeap
lstrlenW
GetPriorityClass
SetEvent
CopyFileA
DisconnectNamedPipe
ResumeThread
HeapDestroy
WriteConsoleW
GetStdHandle
CreatePipe
GetStartupInfoA
GetCommandLineA
VirtualQueryEx
WriteConsoleW
GetModuleHandleA

mmcndmgr

DllRegisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject

cryptui

DllUnregisterServer
LocalEnroll
CryptUIWizDigitalSign
CryptUIWizExport
CryptUIWizImport
LocalEnrollNoDS
DllRegisterServer
WizardFree
CryptUIWizBuildCTL
CryptUIDlgViewContext
CryptUIStartCertMgr
WizardFree
LocalEnroll

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 1024B - Virtual size: 769B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy