a0b18cb6210ef433f537e078799f798bb06e1099c8a510dc8023a4e3bc51451a | Triage

Submit
Reports

Overview

overview

Static

static

a0b18cb621...1a.exe

windows7-x64

a0b18cb621...1a.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a0b18cb6210ef433f537e078799f798bb06e1099c8a510dc8023a4e3bc51451a.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

a0b18cb6210ef433f537e078799f798bb06e1099c8a510dc8023a4e3bc51451a.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

a0b18cb6210ef433f537e078799f798bb06e1099c8a510dc8023a4e3bc51451a
Size

263KB
MD5

8441f4c6563fd9909e45e5552817df06
SHA1

a1482c6b43116fdc48b436c8a116dd738776214c
SHA256

a0b18cb6210ef433f537e078799f798bb06e1099c8a510dc8023a4e3bc51451a
SHA512

dbfd43dd5229c777a9ca96eef26378ac73dddda7ff544e8c363979ea2d232c6a72294363fcb1cf5efc4fd92d131f4521db6a7963177c260a6d391961f28482d1
SSDEEP

6144:xT+qz5Co5CwnP5mjADsiLpyMwSJT1xQySIp5k38PdyoAw:tPfsvqDt5JFRA

Score

N/A

Malware Config

Signatures

Files

a0b18cb6210ef433f537e078799f798bb06e1099c8a510dc8023a4e3bc51451a
.exe windows x86

7305af1804726d3e21b5f6c43408635c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

oleacc

LresultFromObject
AccessibleObjectFromPoint

kernel32

SystemTimeToFileTime
lstrlenW
HeapFree
Sleep
HeapFree
GetProcessHeap
GetCurrentThreadId
QueryPerformanceCounter
RaiseException
InterlockedCompareExchange
GetThreadLocale
LocalAlloc
GetSystemTime
GetLocaleInfoA
GetStdHandle
InterlockedExchange
CreateFileW
HeapReAlloc
EnumResourceTypesA
GetTickCount
HeapAlloc
MultiByteToWideChar
TerminateProcess
GetACP
CreateProcessA
LoadLibraryW
HeapDestroy
lstrlenA
GetStartupInfoA
CompareFileTime
GetEnvironmentVariableA
SetUnhandledExceptionFilter
WriteFile
CloseHandle
GetCurrentProcessId
WideCharToMultiByte
HeapSize
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
GetModuleHandleA
LoadLibraryExW
lstrcpynW

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy