6f4cb04f5b90f25b8d490af8ff00da835aabec7291cdbaf7448c8a0d3030901e | Triage

Submit
Reports

Overview

overview

Static

static

6f4cb04f5b...1e.exe

windows7-x64

6f4cb04f5b...1e.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

6f4cb04f5b90f25b8d490af8ff00da835aabec7291cdbaf7448c8a0d3030901e.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

6f4cb04f5b90f25b8d490af8ff00da835aabec7291cdbaf7448c8a0d3030901e.exe

Resource

win10v2004-20221111-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

6f4cb04f5b90f25b8d490af8ff00da835aabec7291cdbaf7448c8a0d3030901e
Size

133KB
MD5

49f2583a4ea7647995ac49c024ebf707
SHA1

96510414d29a7bd6a1b6a28db932bca58425b867
SHA256

6f4cb04f5b90f25b8d490af8ff00da835aabec7291cdbaf7448c8a0d3030901e
SHA512

55f0e9281e1edb736cfdc28ad012f914f8c911afdae5f76789676c8072b8a6fbbd43980b829ead403915c78b6dd13553408643ad2e2225fb9d5f9d2ff30f1e1c
SSDEEP

1536:ju8qlQHwpXhWUvx8m43mimH15tt0B9gRs8ru9iNA7lyjKUHZn:Nq+HEXhWSb433mHPtt0BIru9iNAIjZH

Score

N/A

Malware Config

Signatures

Files

6f4cb04f5b90f25b8d490af8ff00da835aabec7291cdbaf7448c8a0d3030901e
.exe windows x86

4749ce621af1fc9dce1e731633a1329f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
ReadConsoleW
OpenSemaphoreW
GetStartupInfoA
CreateDirectoryW
GlobalFree
GetModuleFileNameA
SetLastError
GetFileSize
TlsGetValue
GetTickCount
CloseHandle
LoadLibraryA
EnterCriticalSection
VirtualProtect
SetLastError
GetEnvironmentStringsW
OpenMutexA
lstrlenA
GetCommandLineA
WriteConsoleW
Sleep
CreateDirectoryA
RemoveDirectoryA
DeleteFileA

user32

IsWindow
FindWindowW
GetClassInfoA
GetWindowLongA
DrawTextA
GetSysColor
DispatchMessageA
DispatchMessageA
IsWindowEnabled
PeekMessageA
CallWindowProcA
SetFocus
DestroyMenu

cmutil

??1CIniW@@QAE@XZ
??1CIniA@@QAE@XZ
??_FCIniW@@QAEXXZ
??_FCIniA@@QAEXXZ

advapi32

RegCloseKey

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy