6dd9d2a7cc726ad13c9474d8d05e1f023672aa955a74bdf749c3167433494197 | Triage

Submit
Reports

Overview

overview

Static

static

6dd9d2a7cc...97.exe

windows7-x64

6dd9d2a7cc...97.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

6dd9d2a7cc726ad13c9474d8d05e1f023672aa955a74bdf749c3167433494197.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

6dd9d2a7cc726ad13c9474d8d05e1f023672aa955a74bdf749c3167433494197.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

6dd9d2a7cc726ad13c9474d8d05e1f023672aa955a74bdf749c3167433494197
Size

133KB
MD5

08b0862c7f88e4622ec3e7a51cfbf17f
SHA1

deeb116499a129e5c0d9867d650931e50903d60f
SHA256

6dd9d2a7cc726ad13c9474d8d05e1f023672aa955a74bdf749c3167433494197
SHA512

28a1aafe2e7a0e9a6bca3e7b34ddd542198df7be0fcaac2e98135c4c0f6bb70fa3ace34411318552ae9779a9eba9340d64d226544412faf26476e5dfe56f05dc
SSDEEP

3072:chVqApsCZqI1LvGqB2WEQdTdiq6GtcQ1MWZa:QHlL1L8WLdd/6Gtc6MQa

Score

N/A

Malware Config

Signatures

Files

6dd9d2a7cc726ad13c9474d8d05e1f023672aa955a74bdf749c3167433494197
.exe windows x86

4e647d831cb70ac7cf768e6a4264b157

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
OpenSemaphoreW
GetModuleFileNameA
GlobalFree
GetEnvironmentStringsW
GetCommandLineA
DeleteFileA
SetEvent
OpenMutexA
GetFileSize
GetStartupInfoA
VirtualProtect
ReadConsoleW
CreateDirectoryW
CreateFileA
RemoveDirectoryA
EnterCriticalSection
LoadLibraryA
SetLastError
GetTickCount
Sleep
CreateDirectoryA
SetLastError
CloseHandle
WriteConsoleA

user32

DispatchMessageA
PeekMessageA
DispatchMessageA
GetWindowLongA
CallWindowProcW
DrawTextW
DestroyMenu
SetFocus
IsZoomed
GetClassInfoA
IsWindow
FindWindowA
GetSysColor

cfgbkend

DllUnregisterServer
DllGetClassObject
DllCanUnloadNow
DllRegisterServer

advapi32

RegCloseKey

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy