89cb2ac00e6a11f3836b2e82d099b512c7655d0ab3730b86835f589e1de507b0 | Triage

Submit
Reports

Overview

overview

Static

static

89cb2ac00e...b0.exe

windows7-x64

89cb2ac00e...b0.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

89cb2ac00e6a11f3836b2e82d099b512c7655d0ab3730b86835f589e1de507b0.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

89cb2ac00e6a11f3836b2e82d099b512c7655d0ab3730b86835f589e1de507b0.exe

Resource

win10v2004-20220901-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

89cb2ac00e6a11f3836b2e82d099b512c7655d0ab3730b86835f589e1de507b0
Size

118KB
MD5

0f0654f961c0d70ac6c8bf2255e7e430
SHA1

64ede964947f6a76627bc479467f28eef8b9f312
SHA256

89cb2ac00e6a11f3836b2e82d099b512c7655d0ab3730b86835f589e1de507b0
SHA512

c02eb43cf8855485a0d80df3d0ff663d05f3a333b71bb08f2d9a39da4f1a5e63138562fb3053fbacd7f9155260aaee5488e5236cdf08104956c118c21508af8b
SSDEEP

1536:yUOvNo9MHZR91wXbg+lqHVMpDBbGDgPKpOKli04EiFHZ6o+pPi3O/F7a5rlrg:yUqNsMz91mlq+9g0xKk04VFHMPJN

Score

N/A

Malware Config

Signatures

Files

89cb2ac00e6a11f3836b2e82d099b512c7655d0ab3730b86835f589e1de507b0
.exe windows x86

61bc2f09fd4769cded6f38a27c209196

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
SetCurrentDirectoryA
GetShortPathNameW
CreateSemaphoreW
DeleteFileA
CreatePipe
WriteConsoleW
DeleteFileA
GetACP
VirtualAlloc
GetStringTypeW
SetVolumeLabelW
LoadLibraryA
CreateMailslotA
GetProcessHeap
FatalExit
CreateFileMappingW
SetEnvironmentVariableA
GetConsoleAliasA
GetStringTypeW
DeleteFileA
DeviceIoControl
GetModuleHandleW

mshtml

ShowModelessHTMLDialog
ShowHTMLDialog
DllEnumClassObjects
ShowModalDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy