0656e1f166bee6f92c5a312edc346d7f9ecb839da944b8c6c12d42bc227c6bda | Triage

Submit
Reports

Overview

overview

Static

static

0656e1f166...da.exe

windows7-x64

0656e1f166...da.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

0656e1f166bee6f92c5a312edc346d7f9ecb839da944b8c6c12d42bc227c6bda.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0656e1f166bee6f92c5a312edc346d7f9ecb839da944b8c6c12d42bc227c6bda.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

0656e1f166bee6f92c5a312edc346d7f9ecb839da944b8c6c12d42bc227c6bda
Size

125KB
MD5

932f0dd1dcaf722f49351d81323aedc0
SHA1

aca113b1e5c2bfc5b249a45b776f4645a63a2ef5
SHA256

0656e1f166bee6f92c5a312edc346d7f9ecb839da944b8c6c12d42bc227c6bda
SHA512

145398e7fb3f4a5a83a45c4d6f5cc2df49b8daf8e4135664cfcd778128289b2f28cb6355a61a7f172aee95d3ff3c6812ff9a7882339ba1f3022444b1b93416eb
SSDEEP

1536:l/5OmBmwdh3ETIhBq2E4kuEzLieQdSZRx0gShXHBZ6KMdPG4/AdqSCBu/eg:lUepP3Eu9EoiLiefEhX+vAd3io

Score

N/A

Malware Config

Signatures

Files

0656e1f166bee6f92c5a312edc346d7f9ecb839da944b8c6c12d42bc227c6bda
.exe windows x86

c7ec41aeeee0bfaa72443a50109c3322

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GlobalLock
GetFileAttributesW
GetCurrentThread
CreateDirectoryW
HeapFree
GetPrivateProfileIntA
GetVersionExA
CreateEventA
RemoveDirectoryW
CloseHandle
SetLastError
DeviceIoControl
GetPrivateProfileSectionA
SetCommBreak
LocalFlags
FindClose
GetFileAttributesW
VirtualProtectEx
GetModuleHandleA
GetStringTypeA
GetCurrentProcess

user32

SetCursorPos
PeekMessageW
SetFocus
GetWindowTextW
PostMessageW
DispatchMessageA
IsZoomed
wsprintfW
IsWindow
GetWindowLongW
LoadCursorW
GrayStringW
IsDialogMessageA

netshell

DllCanUnloadNow
DllRegisterServer
DllGetClassObject
HrCreateDesktopIcon

rasapi32

DwCloneEntry

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy