87b56a7261d7e7770f3789e9cdf775d306847388f0471aa47938da3ff0b8022a | Triage

Submit
Reports

Overview

overview

Static

static

87b56a7261...2a.exe

windows7-x64

87b56a7261...2a.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

87b56a7261d7e7770f3789e9cdf775d306847388f0471aa47938da3ff0b8022a.exe

Resource

win7-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

87b56a7261d7e7770f3789e9cdf775d306847388f0471aa47938da3ff0b8022a.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

87b56a7261d7e7770f3789e9cdf775d306847388f0471aa47938da3ff0b8022a
Size

287KB
MD5

91a143f47d91b05d6121c90c8b154158
SHA1

314d9c533f74e3eb34498b4ed346ac676aa588d3
SHA256

87b56a7261d7e7770f3789e9cdf775d306847388f0471aa47938da3ff0b8022a
SHA512

d6e648a6b3042125c152ad8d424bf99a9cbcfb0150fef64e2ab5c37f7439063142d360825c3b79d8191dd96a12b6e39da0e073deea3cfdb599d000d7af85da76
SSDEEP

6144:J5hcTqRqL9bjkXbfb9aILY+15kx0kN4PkcULaBniG1Jugyd:DhgqY5aDmx0kW8ceMf1NY

Score

N/A

Malware Config

Signatures

Files

87b56a7261d7e7770f3789e9cdf775d306847388f0471aa47938da3ff0b8022a
.exe windows x86

7259d33761d40ff3d2c66e80131c1c3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetAtomNameA
GetDiskFreeSpaceA
SetFilePointer
ReadFile
GetFileAttributesA
SetStdHandle
FlushFileBuffers
FreeEnvironmentStringsW
IsBadReadPtr
GetCPInfo
LCMapStringW
WideCharToMultiByte
EnumResourceNamesA
FreeLibrary
SetUnhandledExceptionFilter
GetThreadLocale
WriteFile
UnhandledExceptionFilter
GetFullPathNameA
GetStringTypeA
CreateFileA
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsA
VirtualProtect
LCMapStringA
GetEnvironmentStrings
FindFirstFileA
IsBadCodePtr
MulDiv

shlwapi

DllGetVersion
PathIsFileSpecA
PathAppendA
SHCreateStreamOnFileEx
PathIsContentTypeA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 152KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy