e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

e97220a6a0...dd.exe

windows7-x64

e97220a6a0...dd.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd.exe

Resource

win7-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd
Size

277KB
MD5

063cc2a3a291a25d7caaadce29b92204
SHA1

1e6fe9fda04c90db08a97e6655cfd9552b343376
SHA256

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd
SHA512

e0f4f4b05df77f8522070e62fa0ce95b4d5690159a3a62054ad9e07dd2e70deea91e87be8445f710e856132b64ab78dcba168db2b834c52e00beff85d22a110f
SSDEEP

6144:i3oyNOD+0vX9BEF5Cb/b7PqwhYNDPNZupAutRv/NfCXI7X:moF9A5CDzeDupPtRv/NK4

Score

N/A

Malware Config

Signatures

Files

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd
.exe windows x86

8d65c68f5d02f3c9216826a322cf6890

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
EnumResourceLanguagesA
WriteFile
WideCharToMultiByte
SetFilePointer
GlobalHandle
FindFirstFileA
GetModuleHandleA
GetCurrentProcessId
EnumResourceTypesW
QueryPerformanceCounter
GetCurrentThreadId
VirtualProtect
GetSystemDirectoryW
IsDBCSLeadByte
FindNextFileA
ReadFile
FindClose

oleacc

LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.