1e0f618e02107edce5c63ac2858afd81ec50ad9fed5c80c4d08e2fd8297f0723 | Triage

Submit
Reports

Overview

overview

Static

static

1e0f618e02...23.exe

windows7-x64

1e0f618e02...23.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

1e0f618e02107edce5c63ac2858afd81ec50ad9fed5c80c4d08e2fd8297f0723.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

1e0f618e02107edce5c63ac2858afd81ec50ad9fed5c80c4d08e2fd8297f0723.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

1e0f618e02107edce5c63ac2858afd81ec50ad9fed5c80c4d08e2fd8297f0723
Size

287KB
MD5

e999ac4471634969f97ab59a6a7f8633
SHA1

5a144ed1107c5f8ce64004448f8196a1dfc55a71
SHA256

1e0f618e02107edce5c63ac2858afd81ec50ad9fed5c80c4d08e2fd8297f0723
SHA512

dc7d966ff1a31e874ca4c832ba8aa0f0572b95126d6e9ae26e736276255593dc7a88c95bade16701e85ef4fca26f28918502ee075d4feb775ee0140b6780097d
SSDEEP

6144:wFtkwz7yc//6EjkIHm643gNIKpee92VUzorcYbhc7gA:wFpZ//dj5vqKEmzorcYbhc73

Score

N/A

Malware Config

Signatures

Files

1e0f618e02107edce5c63ac2858afd81ec50ad9fed5c80c4d08e2fd8297f0723
.exe windows x86

3e9aadaf1eedd32e66b538761741679f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

GlobalFindAtomA
GetCurrentProcess
GetProcessHeap
InterlockedCompareExchange
VirtualProtect
GetTickCount
QueryPerformanceCounter
UnhandledExceptionFilter
GetLocaleInfoW
GetStartupInfoA
FoldStringW
EnumResourceLanguagesW
SetUnhandledExceptionFilter
GetCurrentProcessId
InterlockedExchange
GetPrivateProfileStructW
TerminateProcess
GetSystemTimeAsFileTime
IsDebuggerPresent
LocalAlloc
GetModuleHandleW
GetCurrentThreadId
DeleteFileW

oleacc

CreateStdAccessibleObject

shlwapi

StrRetToBSTR
PathFindExtensionW
PathRemoveFileSpecW
StrCmpIW
PathCreateFromUrlW
UrlCreateFromPathW
PathAppendW
UrlUnescapeW
PathIsRelativeW
PathCombineW

Sections

.text
Size: 152KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy