602363de78211f4942bcf6f50570323cdad47c948c7b4e89dae0b75ee40104b5 | Triage

Submit
Reports

Overview

overview

Static

static

602363de78...b5.exe

windows7-x64

602363de78...b5.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

602363de78211f4942bcf6f50570323cdad47c948c7b4e89dae0b75ee40104b5.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

602363de78211f4942bcf6f50570323cdad47c948c7b4e89dae0b75ee40104b5.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

602363de78211f4942bcf6f50570323cdad47c948c7b4e89dae0b75ee40104b5
Size

112KB
MD5

21df8b4b6490b5e2ce0811996819f1f0
SHA1

76f902608621a4a6c29af75552f5cb6167654aee
SHA256

602363de78211f4942bcf6f50570323cdad47c948c7b4e89dae0b75ee40104b5
SHA512

dde94449e6135dc47b58499cfea70967d9904d69a64014788c7f46f5b21bde1a7cf2da7b41387bd140c8e09094e645be6bb010e85276692797313fbfdffa8c5c
SSDEEP

3072:a5D5Z1gjlywYX6vm4OtGg8tlsn4+uFfah:aN5Z1UvDbo4dS

Score

N/A

Malware Config

Signatures

Files

602363de78211f4942bcf6f50570323cdad47c948c7b4e89dae0b75ee40104b5
.exe windows x86

93dae2f607282d6e731c4b20128c1763

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapDestroy
WriteConsoleW
WriteConsoleW
lstrcpyA
SetEvent
DisconnectNamedPipe
GetModuleHandleA
GetStartupInfoA
VirtualProtect
GetStdHandle
ResumeThread
GetProcessHeap
DeleteFileA
GetCommandLineA
lstrlenW
GetFileAttributesW
GetPriorityClass
VirtualQueryEx
CopyFileA
CreatePipe
WriteConsoleW

mmcndmgr

DllGetClassObject
DllCanUnloadNow
DllRegisterServer
DllRegisterServer

cryptui

CryptUIWizDigitalSign
CryptUIDlgViewContext
WizardFree
CryptUIWizImport
DllRegisterServer
CryptUIWizExport
DllUnregisterServer
WizardFree
CryptUIStartCertMgr
CryptUIWizBuildCTL
LocalEnrollNoDS
LocalEnroll
LocalEnroll

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.impdata
Size: 1024B - Virtual size: 769B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy