59237a26e007c0d0482ca7e6c36d4060e7509cf5a44c0d1fdf51e7018d963f03 | Triage

Submit
Reports

Overview

overview

Static

static

59237a26e0...03.exe

windows7-x64

59237a26e0...03.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

59237a26e007c0d0482ca7e6c36d4060e7509cf5a44c0d1fdf51e7018d963f03.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

59237a26e007c0d0482ca7e6c36d4060e7509cf5a44c0d1fdf51e7018d963f03.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

59237a26e007c0d0482ca7e6c36d4060e7509cf5a44c0d1fdf51e7018d963f03
Size

133KB
MD5

72132da16ed9d71a97b8cb11d6c278aa
SHA1

5b7cb6a3642cbe04faf03ecd9a10af966baf2172
SHA256

59237a26e007c0d0482ca7e6c36d4060e7509cf5a44c0d1fdf51e7018d963f03
SHA512

43e4bd10b75560049f34c0f16648942046563234938cbbb4067bff2d9a204a711592161476e151d53568877f3c469c15c9443c2cdac307cdccac3e253f52057b
SSDEEP

3072:hklQWqS/xe1nW7eF8cofCdLUb2HFpkeoLP:+lQhyQW7G8ckC1C2HFpkeoL

Score

N/A

Malware Config

Signatures

Files

59237a26e007c0d0482ca7e6c36d4060e7509cf5a44c0d1fdf51e7018d963f03
.exe windows x86

98f137dba5937bc884449d86d390d00f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
SetLastError
WriteConsoleA
SetEvent
GetFileSize
lstrlenA
OpenMutexA
SetLastError
LoadLibraryA
EnterCriticalSection
CloseHandle
GetEnvironmentStringsW
GetTickCount
VirtualProtect
CreateDirectoryA
RemoveDirectoryA
ReadConsoleW
GetModuleFileNameA
GlobalFree
DeleteFileA
OpenSemaphoreW
CreateDirectoryW
GetStartupInfoA
CreateFileA
GetCommandLineA

user32

GetClassInfoA
DispatchMessageA
IsWindow
DrawTextA
CallWindowProcA
PeekMessageA
DestroyMenu
DispatchMessageA
FindWindowA
GetSysColor
IsZoomed
SetFocus
GetWindowLongA

cfgbkend

DllUnregisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

advapi32

RegCloseKey

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy