88e1406bc64c9348056201cbb22c5daeaf612ba743b3679af39744af795f729e | Triage

Submit
Reports

Overview

overview

Static

static

88e1406bc6...9e.exe

windows7-x64

88e1406bc6...9e.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

88e1406bc64c9348056201cbb22c5daeaf612ba743b3679af39744af795f729e.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

88e1406bc64c9348056201cbb22c5daeaf612ba743b3679af39744af795f729e.exe

Resource

win10v2004-20221111-en

discovery evasion persistence upx

windows10-2004-x64

18 signatures

150 seconds

General

Target

88e1406bc64c9348056201cbb22c5daeaf612ba743b3679af39744af795f729e
Size

278KB
MD5

fe13296cd6c5fad01b9bf5da86e10231
SHA1

5ab051cffd021d26d582566d61d52633c02182f0
SHA256

88e1406bc64c9348056201cbb22c5daeaf612ba743b3679af39744af795f729e
SHA512

297e4862c52ca0907c6dd591fe1b08b704d98b3339874594be6c03836b0dd938076ed7a50309fd89ee0129c10929baa2f5c04b8720071076c8d3ac8a71cd6ff9
SSDEEP

6144:D0uk5eNsKCa6aT6MAS3OyEU4wEqwnhIPC9kjilMyBGt7KEXjR:YKz6a0PfIPSkjJqC7FXj

Score

N/A

Malware Config

Signatures

Files

88e1406bc64c9348056201cbb22c5daeaf612ba743b3679af39744af795f729e
.exe windows x86

56be3450ccb553f236267360fea1ca75

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

kernel32

AddAtomA
WriteFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetStartupInfoA
UnhandledExceptionFilter
EnumResourceLanguagesA
GetEnvironmentStringsW
GetOEMCP
GetStringTypeExW
GetCPInfo
GetEnvironmentStrings
SetUnhandledExceptionFilter

user32

GetDlgItem
CreateWindowExW
SendMessageA
EnumChildWindows
IsWindow
DestroyWindow
GetWindowThreadProcessId

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 136KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy