688d7101ab892a892dd8e8f00e23295ad40f4d72e3840fb9a95f585a69f0d270 | Triage

Submit
Reports

Overview

overview

Static

static

688d7101ab...70.exe

windows7-x64

688d7101ab...70.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

688d7101ab892a892dd8e8f00e23295ad40f4d72e3840fb9a95f585a69f0d270.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

688d7101ab892a892dd8e8f00e23295ad40f4d72e3840fb9a95f585a69f0d270.exe

Resource

win10v2004-20221111-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

688d7101ab892a892dd8e8f00e23295ad40f4d72e3840fb9a95f585a69f0d270
Size

134KB
MD5

ffc326a6cd7be03543b96ea218f90e2c
SHA1

42a8dc0b5a26cd08272c7721a1d7ad555106e2ce
SHA256

688d7101ab892a892dd8e8f00e23295ad40f4d72e3840fb9a95f585a69f0d270
SHA512

001cb3c17f906115342d3e4a3c36820fc47b17907bf18e4fdef393b8412bfa19fd0987fa2584d9dceb631d0d17724542190639342f12eefb4bbc21cb809fb4b6
SSDEEP

3072:Wz3CyCBiPAae9SxAcnuGYSNytBEY943D9Ppb8LC:K3CLw7yenuG0BEM+pN

Score

N/A

Malware Config

Signatures

Files

688d7101ab892a892dd8e8f00e23295ad40f4d72e3840fb9a95f585a69f0d270
.exe windows x86

2c1a372c85a2226f6b27026b74dd390e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GlobalFree
lstrlenW
ReadFile
GetCommandLineA
Sleep
EnterCriticalSection
RemoveDirectoryA
TlsGetValue
CancelIo
VirtualProtect
WriteConsoleW
GetEnvironmentStringsW
GetStartupInfoA
CloseHandle
DeleteFileA
CreateDirectoryA
GetFileSize
GetModuleFileNameA
GetConsoleTitleA
GetTickCount
CreateDirectoryA
GetConsoleTitleA
CreateFileA
CancelIo

user32

GetWindowLongA
IsWindow
CreateIcon
DestroyMenu
wsprintfA
MessageBoxA
GetClassInfoA
IsWindowVisible
IsWindowEnabled
GetSysColor
GetWindowLongA
PeekMessageA
DispatchMessageA

cmutil

??_FCIniW@@QAEXXZ
??_FCIniA@@QAEXXZ
??1CIniA@@QAE@XZ
??1CIniW@@QAE@XZ

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy