79ba8bb5c4067cb9f3324f34212b21bd160fe04b7ff316743556205e0ac2e2cc | Triage

Submit
Reports

Overview

overview

Static

static

79ba8bb5c4...cc.exe

windows7-x64

79ba8bb5c4...cc.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

79ba8bb5c4067cb9f3324f34212b21bd160fe04b7ff316743556205e0ac2e2cc.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

79ba8bb5c4067cb9f3324f34212b21bd160fe04b7ff316743556205e0ac2e2cc.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

79ba8bb5c4067cb9f3324f34212b21bd160fe04b7ff316743556205e0ac2e2cc
Size

128KB
MD5

59cc9a575c3c44f9735c69bc5b452440
SHA1

020b8253db14570c719d093d016e2a8377e0b0c0
SHA256

79ba8bb5c4067cb9f3324f34212b21bd160fe04b7ff316743556205e0ac2e2cc
SHA512

827c92b64f5b74dc4bd375eb1510b42ce565d3457e15f2fd3e37eeb55fbf55d184d490a511143c6558877d57584d40f0f03119cfad0e6ab79167023e3ceb51c5
SSDEEP

3072:qqt7526+RdCrz3ik/iLHOATEfbBSOOGDV1k/VmI:dt9kXCPSk/wXMSTGp1q

Score

N/A

Malware Config

Signatures

Files

79ba8bb5c4067cb9f3324f34212b21bd160fe04b7ff316743556205e0ac2e2cc
.exe windows x86

fe127871769cd486eea93114ba782152

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetPrivateProfileSectionA
DeviceIoControl
VirtualProtectEx
GlobalLock
GetPrivateProfileIntA
GetCurrentProcess
GetFileAttributesW
CreateDirectoryW
GetStringTypeA
SetLastError
SetCommBreak
GetFileAttributesW
CreateEventA
GetVersionExA
LocalFlags
CloseHandle
RemoveDirectoryW
GetModuleHandleA
HeapFree
GetCurrentThread
FindClose

user32

PostMessageW
DispatchMessageA
SetFocus
LoadCursorA
wsprintfW
GetWindowTextW
IsZoomed
SetCursorPos
DefDlgProcW
GetWindowLongW
IsWindow
PeekMessageW
IsDialogMessageA

msorcl32

SQLConnect
SQLDisconnect
SQLError
SQLCancel

ntshrui

IsPathSharedA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy