a5b5eeb15f7224d5a314d9e93db077f51d2a8580225d5e2183dfb4dc56f3fc44 | Triage

Submit
Reports

Overview

overview

Static

static

a5b5eeb15f...44.exe

windows7-x64

a5b5eeb15f...44.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a5b5eeb15f7224d5a314d9e93db077f51d2a8580225d5e2183dfb4dc56f3fc44.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

a5b5eeb15f7224d5a314d9e93db077f51d2a8580225d5e2183dfb4dc56f3fc44.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

a5b5eeb15f7224d5a314d9e93db077f51d2a8580225d5e2183dfb4dc56f3fc44
Size

132KB
MD5

47f7962e805dd4294184ccec07b8c95a
SHA1

5436ea4a10c94462b18e0632d6cea7b2c29a1a9a
SHA256

a5b5eeb15f7224d5a314d9e93db077f51d2a8580225d5e2183dfb4dc56f3fc44
SHA512

6e8e5eda7289d3470ec9a205c345e3bfb1f600fc47b2ea63439903adbbbce7cd99dc92ff0f047ea0cf2ae75e491e2586a40a9addafb9b50f119ee39396a66219
SSDEEP

3072:wlXaeoW2/qBLNhppHgu2CJqXXOZPqikkzZXThCcGS:wlqezxplgu2CEXeZPqikk7CPS

Score

N/A

Malware Config

Signatures

Files

a5b5eeb15f7224d5a314d9e93db077f51d2a8580225d5e2183dfb4dc56f3fc44
.exe windows x86

6a1a7df8ba56d8910e295f2df020a07d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
CloseHandle
GetLocalTime
CreateDirectoryW
Sleep
GetDriveTypeA
GetCalendarInfoW
GetFileTime
GetStartupInfoA
VirtualProtectEx
DeleteFileA
GetModuleHandleA
GetModuleFileNameA
GetConsoleMode
LeaveCriticalSection
WriteConsoleW
LocalLock
TlsGetValue
InitializeCriticalSection
GlobalFree
GetCommandLineW
FindClose
RemoveDirectoryA
CreateFileA
EnterCriticalSection

user32

GetWindowDC
IsWindowEnabled
MessageBoxA
IsWindow
EqualRect
IsWindowVisible
GetSysColor
FillRect
wsprintfA
GetWindowLongA
PeekMessageA
GetWindowLongA
DispatchMessageA

cryptdlg

CertTrustCleanup
CertConfigureTrustW
CertConfigureTrustA
CertTrustCertPolicy

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy