e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd | Triage

Submit
Reports

Overview

overview

Static

static

e97220a6a0...dd.exe

windows7-x64

e97220a6a0...dd.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd.exe

Resource

win7-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd
Size

277KB
MD5

063cc2a3a291a25d7caaadce29b92204
SHA1

1e6fe9fda04c90db08a97e6655cfd9552b343376
SHA256

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd
SHA512

e0f4f4b05df77f8522070e62fa0ce95b4d5690159a3a62054ad9e07dd2e70deea91e87be8445f710e856132b64ab78dcba168db2b834c52e00beff85d22a110f
SSDEEP

6144:i3oyNOD+0vX9BEF5Cb/b7PqwhYNDPNZupAutRv/NfCXI7X:moF9A5CDzeDupPtRv/NK4

Score

N/A

Malware Config

Signatures

Files

e97220a6a00e0a871c10ea1625788f4959247bb3a8bb658540d9b516ec9de8dd
.exe windows x86

8d65c68f5d02f3c9216826a322cf6890

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
EnumResourceLanguagesA
WriteFile
WideCharToMultiByte
SetFilePointer
GlobalHandle
FindFirstFileA
GetModuleHandleA
GetCurrentProcessId
EnumResourceTypesW
QueryPerformanceCounter
GetCurrentThreadId
VirtualProtect
GetSystemDirectoryW
IsDBCSLeadByte
FindNextFileA
ReadFile
FindClose

oleacc

LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy