94d0b0f2af8054f8c5d3cde0ef33b2d787bcb092e9edb519c48f02f28cc6e738 | Triage

Submit
Reports

Overview

overview

Static

static

94d0b0f2af...38.exe

windows7-x64

94d0b0f2af...38.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

94d0b0f2af8054f8c5d3cde0ef33b2d787bcb092e9edb519c48f02f28cc6e738.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

94d0b0f2af8054f8c5d3cde0ef33b2d787bcb092e9edb519c48f02f28cc6e738.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

94d0b0f2af8054f8c5d3cde0ef33b2d787bcb092e9edb519c48f02f28cc6e738
Size

133KB
MD5

76bc404d0582c90b6ac34eb581434f65
SHA1

c1a0b8727b6461015c281f793554a23c8c42a514
SHA256

94d0b0f2af8054f8c5d3cde0ef33b2d787bcb092e9edb519c48f02f28cc6e738
SHA512

587830f2d04ccc50159974b5fe5c6e62a89490b4490deb59f382d9fa3a560c7bb1be12e93a6e11e1d7aad8cd89fb6c83346d8c1899f7e65976c870465c6aab78
SSDEEP

3072:kTd2ptMFpPalKkI/r+R5RkVvhpdMktZfD2:kTd2pupPalKkIakVJpd36

Score

N/A

Malware Config

Signatures

Files

94d0b0f2af8054f8c5d3cde0ef33b2d787bcb092e9edb519c48f02f28cc6e738
.exe windows x86

cb38352a084ae68074c5589fe6fda14c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
ReadConsoleW
lstrlenA
CloseHandle
LoadLibraryA
GetCommandLineA
WriteConsoleA
GetEnvironmentStringsW
CreateDirectoryA
SetLastError
CreateDirectoryW
CreateFileA
GetTickCount
SetEvent
OpenSemaphoreW
GetStartupInfoA
EnterCriticalSection
GlobalFree
Sleep
OpenMutexA
GetFileSize
DeleteFileA
GetModuleFileNameA
VirtualProtect
SetLastError

user32

CallWindowProcA
GetSysColor
IsZoomed
DrawTextA
DispatchMessageA
GetWindowLongA
DispatchMessageA
SetFocus
PeekMessageA
GetClassInfoA
IsWindow
FindWindowA
DestroyMenu

cfgbkend

DllCanUnloadNow
DllGetClassObject
DllUnregisterServer
DllRegisterServer

advapi32

RegCloseKey

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy