a630f3d59c82d11cbe9ff9b63e7f9c161047dd4c09b85cb4b726f58271562b2d | Triage

Submit
Reports

Overview

overview

Static

static

a630f3d59c...2d.exe

windows7-x64

a630f3d59c...2d.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a630f3d59c82d11cbe9ff9b63e7f9c161047dd4c09b85cb4b726f58271562b2d.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

a630f3d59c82d11cbe9ff9b63e7f9c161047dd4c09b85cb4b726f58271562b2d.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

a630f3d59c82d11cbe9ff9b63e7f9c161047dd4c09b85cb4b726f58271562b2d
Size

281KB
MD5

307a6ecf0dba316e3d0b03270b414110
SHA1

42a3bd3dcd247ea548e89264fb93e8d534bd4ebe
SHA256

a630f3d59c82d11cbe9ff9b63e7f9c161047dd4c09b85cb4b726f58271562b2d
SHA512

2ede20d9cef9215f1540ae8641a784d99b927e699208c5bd8c0be15b9eac7fddba9df5152a8d0d901d0c7dc3b8f4290c1d7a5542a613adcf792ea07fe16cfe02
SSDEEP

6144:hn/JED4oRjTMttqG7+PiUjo1xDd98RPy9CHPFHnxO+Xwp+u:hnRE8QTMttZCPiUjSxD78RPP9RO+Xwpx

Score

N/A

Malware Config

Signatures

Files

a630f3d59c82d11cbe9ff9b63e7f9c161047dd4c09b85cb4b726f58271562b2d
.exe windows x86

2d99f8180f802145ebe2ea6dadde5cd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextA
IsWindowVisible
wsprintfW
EnumWindows
GetWindowThreadProcessId
wsprintfA

kernel32

EnumResourceNamesA
FormatMessageA
MultiByteToWideChar
GlobalAddAtomW
HeapFree
SetLastError
FindFirstFileW
GetCommandLineA
LoadLibraryW
HeapAlloc
LockResource
RaiseException
GetProcAddress
GetLastError
GetProcessHeap
EnumResourceNamesA
GetCurrentDirectoryA
EnumResourceTypesA
SizeofResource
LocalFree
GetCurrencyFormatA
FindNextFileW
FindFirstFileA
FindResourceExA
EnumResourceLanguagesA
CloseHandle
GlobalFree
GetModuleHandleA
LoadResource
InterlockedExchange
Sleep

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

Sections

.text
Size: 140KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy