4e8d457423c22cb8c69ae32763b3cf19efaa55ea2aafdc069cf0b8673c6dbe9b | Triage

Submit
Reports

Overview

overview

Static

static

4e8d457423...9b.exe

windows7-x64

4e8d457423...9b.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4e8d457423c22cb8c69ae32763b3cf19efaa55ea2aafdc069cf0b8673c6dbe9b.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

4e8d457423c22cb8c69ae32763b3cf19efaa55ea2aafdc069cf0b8673c6dbe9b.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

4e8d457423c22cb8c69ae32763b3cf19efaa55ea2aafdc069cf0b8673c6dbe9b
Size

285KB
MD5

0deb0884af2930945cf9c35d95ce4108
SHA1

e12b7c75e15167afbf198464253655fb6f5298a4
SHA256

4e8d457423c22cb8c69ae32763b3cf19efaa55ea2aafdc069cf0b8673c6dbe9b
SHA512

3f3c1637e319cc3a520144e231042e761e08b12023c7ff28a62c2591e30110c63ef9e244731ec37e4b5a2b06873977ee31886a7cf314262575a5716bb0d362cd
SSDEEP

6144:pcfmAsbzTKgjGzpmuQ5i5QNnV3t3bmguNKq8cUlebaN9xLuU6fG:pcfHsbiuGzNi3bckcfbEx6l

Score

N/A

Malware Config

Signatures

Files

4e8d457423c22cb8c69ae32763b3cf19efaa55ea2aafdc069cf0b8673c6dbe9b
.exe windows x86

3eb35b357ca3c4dc8662178e937f662e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

GetModuleFileNameW
FindAtomA
CreateDirectoryW
WideCharToMultiByte
ExitProcess
MultiByteToWideChar
GetFileAttributesW
DuplicateHandle
GetModuleHandleA
GetCurrentDirectoryW
GetFileInformationByHandle
lstrlenW
GetCurrentThreadId
EnumResourceLanguagesA
SetEnvironmentVariableW
SearchPathW
VirtualQuery
LocalAlloc
GetStringTypeExW
GetCurrentProcess
SetLastError
OutputDebugStringA
VirtualProtect
lstrcmpiW
OutputDebugStringW
LocalFree
InterlockedExchange

oleacc

CreateStdAccessibleObject

shlwapi

StrRetToStrA
PathAppendA
PathIsContentTypeA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 142KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy