b2af2aea0b11fba385e100d9953aa4c8fe773a8e5ac3bc4e060593039b1d2cba | Triage

Submit
Reports

Overview

overview

Static

static

b2af2aea0b...ba.exe

windows7-x64

b2af2aea0b...ba.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b2af2aea0b11fba385e100d9953aa4c8fe773a8e5ac3bc4e060593039b1d2cba.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b2af2aea0b11fba385e100d9953aa4c8fe773a8e5ac3bc4e060593039b1d2cba.exe

Resource

win10v2004-20220812-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

b2af2aea0b11fba385e100d9953aa4c8fe773a8e5ac3bc4e060593039b1d2cba
Size

113KB
MD5

0947d89d47fec71703630b166bd9ae00
SHA1

68f8add4ec74a985e71acc6103bda3f6d8e8b3a6
SHA256

b2af2aea0b11fba385e100d9953aa4c8fe773a8e5ac3bc4e060593039b1d2cba
SHA512

5167b8c7f165add2db95dc6f2b4c62b1451e385099da67e1547d0a7065d1d2a13feb813cf3c8d6168f8839553e2c5cba141ff5abb739d7a2c9cac53147dac4a7
SSDEEP

3072:iC0C5vtbOdk9m75chw/7/1TUTDmu5puJPCmu:EqOdksH7/1wTPfp

Score

N/A

Malware Config

Signatures

Files

b2af2aea0b11fba385e100d9953aa4c8fe773a8e5ac3bc4e060593039b1d2cba
.exe windows x86

c10abdb839d30a72c0498932f4a7303b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetDriveTypeA
SetLastError
GetStdHandle
GetModuleHandleA
lstrcmpiA
EndUpdateResourceW
GetExitCodeProcess
lstrcmpiA
lstrcmpiA
CreateNamedPipeA
HeapCreate
SuspendThread
GetLogicalDrives
lstrcmpiA
FileTimeToLocalFileTime
GetModuleFileNameA
IsValidCodePage
lstrlenA
Sleep
GetProcessHeap
CreateWaitableTimerW
GetBinaryTypeW

odbctrac

TraceSQLConnect
TraceSQLCancel
TraceVersion
TraceSQLError

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xml
Size: 1024B - Virtual size: 631B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy