b6f61846a5f2e75c53c610e1a36bb6aca804866b9fe861a9c62f1f4a7dcc13a3 | Triage

Submit
Reports

Overview

overview

Static

static

b6f61846a5...a3.exe

windows7-x64

b6f61846a5...a3.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b6f61846a5f2e75c53c610e1a36bb6aca804866b9fe861a9c62f1f4a7dcc13a3.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b6f61846a5f2e75c53c610e1a36bb6aca804866b9fe861a9c62f1f4a7dcc13a3.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b6f61846a5f2e75c53c610e1a36bb6aca804866b9fe861a9c62f1f4a7dcc13a3
Size

134KB
MD5

08d7f93ed8e10dfd599d87d62f55ef48
SHA1

7cc46b103a7872182505e7639745982bbf23a747
SHA256

b6f61846a5f2e75c53c610e1a36bb6aca804866b9fe861a9c62f1f4a7dcc13a3
SHA512

888137faf5e45a0007bd3a643e6799717c7894991457d2777cdcdafebcef2f91be10614f42a67a9a9859ea9d7b3e6b3f369af4f242733082d70940bece5225a5
SSDEEP

3072:0/bKraX0KKBBuNy360VNNsyM4h2poAh+KtzhhIjvdRM4i:NSruNthK1+KzhqvdR

Score

N/A

Malware Config

Signatures

Files

b6f61846a5f2e75c53c610e1a36bb6aca804866b9fe861a9c62f1f4a7dcc13a3
.exe windows x86

41fa3e1aba91842f10fb59df54d523a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetExitCodeThread
MapViewOfFile
GetModuleHandleA
GetStringTypeA
GetCurrentProcess
LocalLock
IsValidCodePage
IsBadWritePtr
FindClose
SetLastError
GetTickCount
VirtualProtect
TlsGetValue
GetLocaleInfoW
GetFileAttributesA
CreateDirectoryW
HeapFree
GetFileAttributesA
FindResourceW
RemoveDirectoryW
GetDriveTypeW

user32

SetFocus
GetWindowTextW
LoadImageW
DispatchMessageA
LoadCursorA
wsprintfW
IsWindow
PostMessageW
LoadStringW
IsDialogMessageA
PeekMessageW
GetWindowLongW
SetCursor

msctf

TF_InitSystem
DllCanUnloadNow
DllUnregisterServer
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy