f5c222f9e9eb5e7bf54877f167783cd8133d5ed91e76dce645efaca410844a88 | Triage

Submit
Reports

Overview

overview

Static

static

f5c222f9e9...88.exe

windows7-x64

f5c222f9e9...88.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

f5c222f9e9eb5e7bf54877f167783cd8133d5ed91e76dce645efaca410844a88.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

f5c222f9e9eb5e7bf54877f167783cd8133d5ed91e76dce645efaca410844a88.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

f5c222f9e9eb5e7bf54877f167783cd8133d5ed91e76dce645efaca410844a88
Size

128KB
MD5

a3215fc039816cfe7e1f7b214e52e610
SHA1

65d3660a7543f523570bd750c0ce43731d935a4d
SHA256

f5c222f9e9eb5e7bf54877f167783cd8133d5ed91e76dce645efaca410844a88
SHA512

9596af01ba8e9cdb9436a597418ff18230b6e369878eda9624bc8abf50c24a141bac033b062146868b540535b7e6274091f4637698c4da66f38823c18062c018
SSDEEP

3072:aMgxMr5GQId6SKtiDy+bCjz38oc45yvzjGkMvYzbY+TudjVnU39:zGQIIFtGujzG0ybjOYDudju3

Score

N/A

Malware Config

Signatures

Files

f5c222f9e9eb5e7bf54877f167783cd8133d5ed91e76dce645efaca410844a88
.exe windows x86

fbaf9c08c79c40c8a4098f565b5fd6f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetPriorityClass
LocalLock
SetLastError
GetModuleHandleA
RemoveDirectoryW
GetExitCodeThread
FindClose
GetFileAttributesA
HeapFree
SuspendThread
GetCurrentProcess
CreateDirectoryW
GetLocaleInfoW
TlsGetValue
GetFileAttributesA
VirtualProtect
FindResourceW
MapViewOfFile
GetStringTypeA
IsValidCodePage
GetTickCount

user32

DispatchMessageA
SetFocus
PeekMessageW
LoadCursorA
PostMessageW
wsprintfW
DefDlgProcA
GetWindowTextW
IsDialogMessageA
GetWindowLongW
SetCursor
LoadImageW
IsWindow

msctf

DllUnregisterServer
DllCanUnloadNow
TF_InitSystem
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy