81c13a9f00c3f44035f35af76ca5574db284c881adb1c15b362c5602aef725a6 | Triage

Submit
Reports

Overview

overview

Static

static

81c13a9f00...a6.exe

windows7-x64

81c13a9f00...a6.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

81c13a9f00c3f44035f35af76ca5574db284c881adb1c15b362c5602aef725a6.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

81c13a9f00c3f44035f35af76ca5574db284c881adb1c15b362c5602aef725a6.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

81c13a9f00c3f44035f35af76ca5574db284c881adb1c15b362c5602aef725a6
Size

113KB
MD5

822d18994728a28b7fe9fee8f5728c00
SHA1

9a3f82751f5b693c3e17b5af44d7ab2e73355367
SHA256

81c13a9f00c3f44035f35af76ca5574db284c881adb1c15b362c5602aef725a6
SHA512

38056784323c73774d12e28752212d139f87c1f30f0e6329d070dfe7bbc6c6f618e9dc3a3f9eb84fec5d07258dda72a4fc7a1fd9788a39d02b64fd29cac69e99
SSDEEP

3072:RHTE0OuIfuenAbCRdmrqJ6HDQrlIE6HjSgl6J/9WD:RzWLGeK20qoH2D6DtgJ/9

Score

N/A

Malware Config

Signatures

Files

81c13a9f00c3f44035f35af76ca5574db284c881adb1c15b362c5602aef725a6
.exe windows x86

c44b74575a608867e4f75b7505701ab6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLastError
CreatePipe
WriteConsoleW
WriteConsoleW
HeapCreate
GetStdHandle
GetFileAttributesA
SetEvent
GetPriorityClass
DisconnectNamedPipe
lstrcpyW
CloseHandle
IsDebuggerPresent
GetStartupInfoA
GetModuleHandleA
ReleaseMutex
ClearCommBreak
GetCurrentDirectoryA
CopyFileW
lstrlenW
WriteConsoleW

msftedit

RichComboBoxWndProc
RichEditWndProc
SetCustomTextOutHandlerEx
RichListBoxWndProc

shell32

SHGetSettings
DragAcceptFiles
DragFinish
SHFree
SHGetDiskFreeSpaceA
StrChrA
ShellAboutA
DuplicateIcon
ShellMessageBoxA
DllUnregisterServer
DragQueryFileA
ExtractIconA
SHGetMalloc

msasn1

ASN1BERDecBool

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy