c6b16a4ee7b16674a92eded2c3cb0eda4584f8bd66e24784daefbe667d029db5 | Triage

Submit
Reports

Overview

overview

Static

static

c6b16a4ee7...b5.exe

windows7-x64

c6b16a4ee7...b5.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c6b16a4ee7b16674a92eded2c3cb0eda4584f8bd66e24784daefbe667d029db5.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

c6b16a4ee7b16674a92eded2c3cb0eda4584f8bd66e24784daefbe667d029db5.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

c6b16a4ee7b16674a92eded2c3cb0eda4584f8bd66e24784daefbe667d029db5
Size

121KB
MD5

3b51fb9d7dfc5efd80585547a32afd30
SHA1

e9365f569b0b21688e18516f735234f87e250550
SHA256

c6b16a4ee7b16674a92eded2c3cb0eda4584f8bd66e24784daefbe667d029db5
SHA512

2322bf836d6753850d32b87dfb54f69bbe3a92f8cddd6203794b0cc9451ee0ec5cdcfc2fcdeb24e764b2f63d41c9a8856b9c33723709226a815ebe390a7c7a68
SSDEEP

3072:2AxTtBLJz78wfK6REafq7Ju447SXHpcNYmoaxyG1RlP:2A5fLFGvIp7SXyX97

Score

N/A

Malware Config

Signatures

Files

c6b16a4ee7b16674a92eded2c3cb0eda4584f8bd66e24784daefbe667d029db5
.exe windows x86

290e70904524bf7faf907475d5181ef4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CancelIo
GetStdHandle
RemoveDirectoryA
SetLastError
WriteFile
GetCommandLineA
GetDriveTypeW
DeleteFileA
GetModuleHandleA
CreateDirectoryA
MapViewOfFile
GetProcessHeap
GetFileAttributesA
HeapSize
ResetEvent
ReleaseMutex
SetLocalTime
CreateMailslotA
GetLocaleInfoA
VirtualProtect
IsBadWritePtr

user32

SetFocus
GetWindowLongW
SetCursor
GetCaretPos
GetWindowTextW
LoadImageA
DestroyMenu
wsprintfA
DispatchMessageA
GetCapture
LoadCursorA
PostMessageW
PeekMessageA

hnetcfg

DllRegisterServer
HNetGetSharingServicesPage
DllGetClassObject
DllCanUnloadNow

rasapi32

DwRasUninitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy