7ba67aa859d08a7960ad74045076726b170451d1225c546cbc4a642df25a0fd9 | Triage

Submit
Reports

Overview

overview

Static

static

7ba67aa859...d9.exe

windows7-x64

7ba67aa859...d9.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

7ba67aa859d08a7960ad74045076726b170451d1225c546cbc4a642df25a0fd9.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

7ba67aa859d08a7960ad74045076726b170451d1225c546cbc4a642df25a0fd9.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

7ba67aa859d08a7960ad74045076726b170451d1225c546cbc4a642df25a0fd9
Size

136KB
MD5

afe878b97dc73dd2182de44c28497b64
SHA1

6dcddaaa5b106e32ad15e5ca65a696546a54989d
SHA256

7ba67aa859d08a7960ad74045076726b170451d1225c546cbc4a642df25a0fd9
SHA512

bedd400bd63197f63e8959ef3c035b95f5b80a02268dd0765d30509f8f74de6f8803d7a54f3b10e9a048d6c81201e091edd868ed5bbb0261cb9657c142ad348b
SSDEEP

3072:OkzpjHu4aYykbrAZshu8ogJ7b1Tk6xH/bC:OmjHzaYuB83LBH/bC

Score

N/A

Malware Config

Signatures

Files

7ba67aa859d08a7960ad74045076726b170451d1225c546cbc4a642df25a0fd9
.exe windows x86

4dc7d241e4a260d945f9b05c750efcb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetTickCount
GlobalFree
ReadConsoleW
GetStartupInfoA
CreateDirectoryA
DeleteFileA
lstrlenA
OpenMutexA
CreateDirectoryW
WriteConsoleA
SetEvent
EnterCriticalSection
RemoveDirectoryA
GetFileSize
Sleep
CloseHandle
LoadLibraryA
VirtualProtect
GetCommandLineA
SetLastError
CreateFileA
OpenSemaphoreA
GetModuleFileNameA
GetEnvironmentStringsW

user32

DispatchMessageA
PeekMessageA
FindWindowA
GetSysColor
DestroyMenu
GetWindowLongA
IsWindow
SetFocus
CallWindowProcW
GetClassInfoA
DrawTextW
DispatchMessageA
IsZoomed

cfgbkend

DllRegisterServer
DllUnregisterServer
DllCanUnloadNow
DllGetClassObject

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy