c524b0bbca1434abfab0a9002e2d3b2bd6d0f71f1d3fbc320d1dba155e4e472b | Triage

Submit
Reports

Overview

overview

Static

static

c524b0bbca...2b.exe

windows7-x64

c524b0bbca...2b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c524b0bbca1434abfab0a9002e2d3b2bd6d0f71f1d3fbc320d1dba155e4e472b.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

c524b0bbca1434abfab0a9002e2d3b2bd6d0f71f1d3fbc320d1dba155e4e472b.exe

Resource

win10v2004-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

c524b0bbca1434abfab0a9002e2d3b2bd6d0f71f1d3fbc320d1dba155e4e472b
Size

263KB
MD5

bb882cc93a65901b5d897f2fdb8641d8
SHA1

13a3e2fa26ff314c7dccc1be6b1afd6a3625cd04
SHA256

c524b0bbca1434abfab0a9002e2d3b2bd6d0f71f1d3fbc320d1dba155e4e472b
SHA512

645dd73769a66426d6d3237ea2ef87c667b3e573baa54331473402fbfee9feed715a8912f825fb1257647542e465f0a8098e8c266bf085c7a8ebadd8beb0a5e0
SSDEEP

6144:AMCjh1YcEq1J1IE0YBlq5FMyOn3cF9lGoKhDM7HoGH:DCsjqDFHBs8yOcIoKhIL9H

Score

N/A

Malware Config

Signatures

Files

c524b0bbca1434abfab0a9002e2d3b2bd6d0f71f1d3fbc320d1dba155e4e472b
.exe windows x86

7680278fb4021421436eff24ca90af51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSUnRegisterSessionNotification
WTSFreeMemory
WTSQuerySessionInformationW
WTSEnumerateSessionsW
WTSRegisterSessionNotification

kernel32

GetCurrentProcessId
CreateProcessA
HeapSize
InterlockedExchange
lstrlenA
GetCurrentThreadId
RaiseException
HeapFree
HeapFree
HeapDestroy
IsDebuggerPresent
HeapAlloc
GetTickCount
GetStartupInfoA
GetACP
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleA
GetLocaleInfoA
GetEnvironmentVariableA
InterlockedCompareExchange
GetProcessHeap
Sleep
HeapReAlloc
GetSystemTime
EnumResourceTypesW
WideCharToMultiByte
LoadLibraryExW
WriteFile
LoadLibraryW
CloseHandle
LocalAlloc
CompareFileTime
SystemTimeToFileTime
GetThreadLocale
CreateFileW
lstrlenW
MultiByteToWideChar
TerminateProcess
GetStdHandle
SetUnhandledExceptionFilter
GetCurrentProcess
UnhandledExceptionFilter
lstrcpynW

oleacc

LresultFromObject
AccessibleObjectFromEvent

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy