4542c317d8e97e047ca132be98c50c1480c6b8e32d2f43d9e0edc54e9283f19d | Triage

Submit
Reports

Overview

overview

Static

static

4542c317d8...9d.exe

windows7-x64

4542c317d8...9d.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

4542c317d8e97e047ca132be98c50c1480c6b8e32d2f43d9e0edc54e9283f19d.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

4542c317d8e97e047ca132be98c50c1480c6b8e32d2f43d9e0edc54e9283f19d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

4542c317d8e97e047ca132be98c50c1480c6b8e32d2f43d9e0edc54e9283f19d
Size

128KB
MD5

078e775a9b3174ac6c2200f8ce5e4830
SHA1

a43474b36fbedf45b1bd32988a047cf383d5bb03
SHA256

4542c317d8e97e047ca132be98c50c1480c6b8e32d2f43d9e0edc54e9283f19d
SHA512

2412a04a509de6db03dca266ad481281815104d7eb645f328c0a082c80064a9216c411734db3512f3e509f7fcd2580dcd5e0dc1353daecf1fab0c6a44bd075c6
SSDEEP

3072:xyRfUNPKNOKyPlr7ED6DeNqcvhhiDewQuiXe80he4pTQQQNGwI5jR9:IHNRhhduigQQQNGwIB

Score

N/A

Malware Config

Signatures

Files

4542c317d8e97e047ca132be98c50c1480c6b8e32d2f43d9e0edc54e9283f19d
.exe windows x86

faccd7679bcab175ce478909ee41b338

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetFileAttributesA
VirtualProtect
SetPriorityClass
GetLocaleInfoW
MapViewOfFile
FindResourceW
RemoveDirectoryW
GetTickCount
IsValidCodePage
SetLastError
SuspendThread
GetFileAttributesA
LocalLock
TlsGetValue
GetStringTypeA
GetModuleHandleA
HeapFree
GetCurrentProcess
CreateDirectoryW
GetExitCodeThread
FindClose

user32

LoadCursorA
GetWindowLongW
wsprintfW
GetWindowTextW
DispatchMessageA
LoadImageW
PeekMessageW
SetCursor
IsWindow
IsDialogMessageA
LoadStringW
PostMessageW
SetFocus

msctf

DllUnregisterServer
TF_InitSystem
DllCanUnloadNow
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy