337bdd724065979e7e924c00ce530a2f20d51aca123e59bff34ab6e434e574f2 | Triage

Submit
Reports

Overview

overview

Static

static

337bdd7240...f2.exe

windows7-x64

337bdd7240...f2.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

337bdd724065979e7e924c00ce530a2f20d51aca123e59bff34ab6e434e574f2.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

337bdd724065979e7e924c00ce530a2f20d51aca123e59bff34ab6e434e574f2.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

337bdd724065979e7e924c00ce530a2f20d51aca123e59bff34ab6e434e574f2
Size

105KB
MD5

7de0574716e70d50a85b4861d9144cd1
SHA1

c3d95c99a529f55d0358c847c773081d321e54fc
SHA256

337bdd724065979e7e924c00ce530a2f20d51aca123e59bff34ab6e434e574f2
SHA512

5beb7a79264e69e0b481f7f53c157350ac707f51cca7689464a2a5ad06f3fd72c981647c6af83ca996ec60d1841734f987eeb113442ecb0d89799640974682e8
SSDEEP

3072:WKKJ7rL659FUk0TaHoBU4lyOferrWcJbK+srqGBWooXmLmBIr:1WrL65/EKoVVGrf9srqGsoQmLmBO

Score

N/A

Malware Config

Signatures

Files

337bdd724065979e7e924c00ce530a2f20d51aca123e59bff34ab6e434e574f2
.exe windows x86

d393e61df5f68971f83abdc113eafcf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
CloseHandle
FindAtomA
ExitProcess
WaitForSingleObject
ReleaseMutex
CreateFileA
GetEnvironmentVariableA
ResetEvent
VirtualAlloc
ResumeThread
GetModuleHandleA
FindVolumeClose
GetTickCount
SetEndOfFile
GetFileSize
EnterCriticalSection
GetStartupInfoW
GetTickCount
SetFileAttributesA
DeleteFileA
IsBadCodePtr
HeapSize
HeapDestroy
FindVolumeClose

wininet

FtpPutFileA
HttpEndRequestA
HttpQueryInfoA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryA
FtpGetCurrentDirectoryW
DeleteUrlCacheEntryA
FtpGetFileW
FtpOpenFileA
FtpFindFirstFileA
FindCloseUrlCache
FtpDeleteFileA
FtpCreateDirectoryW

sisbkup

SisRestoredLink
SisRestoredLink
SisRestoredLink
SisRestoredLink

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy