5cdbc007dc2fe0ca646041be1af0c32848ee97ddd41c00b7a925f35bf01c16cb | Triage

Submit
Reports

Overview

overview

Static

static

5cdbc007dc...cb.exe

windows7-x64

5cdbc007dc...cb.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5cdbc007dc2fe0ca646041be1af0c32848ee97ddd41c00b7a925f35bf01c16cb.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

5cdbc007dc2fe0ca646041be1af0c32848ee97ddd41c00b7a925f35bf01c16cb.exe

Resource

win10v2004-20220901-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

5cdbc007dc2fe0ca646041be1af0c32848ee97ddd41c00b7a925f35bf01c16cb
Size

112KB
MD5

7bf78f61f92547f27eda7923c9a49041
SHA1

94b4e40d3836620f2164555789395416d41c4776
SHA256

5cdbc007dc2fe0ca646041be1af0c32848ee97ddd41c00b7a925f35bf01c16cb
SHA512

0f36a1db34dc4960d8af0ece7d8eb41ee7421b3ceb43b2ac8e4136058b752c0cc5a892716d3d7c73e51f75b71f47ca6251198dce30584748ed588005f50151b7
SSDEEP

3072:3PzqP6DrYBoXdZNFrQyJixddpUKXlLIdIm3sNqB76:bqy3Hz8eyddyExSIpR

Score

N/A

Malware Config

Signatures

Files

5cdbc007dc2fe0ca646041be1af0c32848ee97ddd41c00b7a925f35bf01c16cb
.exe windows x86

c6bffe20789efb498b2731e01b08e85e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
GetStdHandle
GetExitCodeProcess
lstrcmpiA
lstrcmpiA
GetDriveTypeA
GetTickCount
SetLastError
CreateNamedPipeA
GetBinaryTypeA
lstrcmpiA
EndUpdateResourceA
HeapCreate
IsValidCodePage
Sleep
FileTimeToLocalFileTime
lstrlenA
TlsFree
GetLogicalDrives
lstrcmpiA
lstrcmpiA
CreateWaitableTimerW
GetModuleHandleA

odbccp32

SQLConfigDataSource
SQLGetTranslator
SQLGetInstalledDrivers
SQLInstallDriver

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy