Behavioral task: behavioral1
Sample: 22d9300fd61f473d078ed4dac161adf548dda3dbd25834c612949a64a9580bfb.exe
Resource: win7-20220812-en
General
Target: 22d9300fd61f473d078ed4dac161adf548dda3dbd25834c612949a64a9580bfb
Size: 31KB
MD5: e0cb9be97c1cef47582b920bdfaa1c10
SHA1: a2ea67448c352dc51a1d0f77d55bb1da760b8d2b
SHA256: 22d9300fd61f473d078ed4dac161adf548dda3dbd25834c612949a64a9580bfb
SHA512: 68123aa13a375c1e710852ed7835ae592d3518fb1403585e5bf1de929c13f4abc9879e459ceb745375dee5cbe664cf0f81d24c28ad20308000d8c4e1befdb3a3
SSDEEP: 768:rXRBH69uDjpez1AhgQ9ZPj0JFDKQb7tO0Kow:9BaxpAhgex0JFLh/Ko
Malware Config
Extracted
pony
http://safehosters.org/my/gate.php
Signatures
Files
-
22d9300fd61f473d078ed4dac161adf548dda3dbd25834c612949a64a9580bfb.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 60KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 30KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE