b6fe49b5e248c89f7da9ca677e8a39278beb84daf04e5d20445614e68fb94987 | Triage

Submit
Reports

Overview

overview

Static

static

b6fe49b5e2...87.exe

windows7-x64

b6fe49b5e2...87.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b6fe49b5e248c89f7da9ca677e8a39278beb84daf04e5d20445614e68fb94987.exe

Resource

win7-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

b6fe49b5e248c89f7da9ca677e8a39278beb84daf04e5d20445614e68fb94987.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

b6fe49b5e248c89f7da9ca677e8a39278beb84daf04e5d20445614e68fb94987
Size

273KB
MD5

911faa6aa7a0997d9a529ae6d131334a
SHA1

927d6f40be3621606afcfe3052bf57b5fd5f51e8
SHA256

b6fe49b5e248c89f7da9ca677e8a39278beb84daf04e5d20445614e68fb94987
SHA512

27db002270ad675e6fe480a7c7cf2e88a954c64769663922f8bab516af4d7ac2445463826c5af76c8d1fcd7967766efc7f668bc272550c5c6b73a9c640ac5029
SSDEEP

6144:D6FfPF+Ecw4Te+iT2DZWxKe5gmTv5GH8k1zn7OLmW3YdlcxuP:coXixx3gmTv5GHNn6LmUQO

Score

N/A

Malware Config

Signatures

Files

b6fe49b5e248c89f7da9ca677e8a39278beb84daf04e5d20445614e68fb94987
.exe windows x86

59ff7059d1e67d074429df3a99aca952

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
FindClose
InitializeCriticalSection
GetVersionExA
GetProcAddress
LockResource
GlobalSize
MulDiv
GetTickCount
Sleep
GetPrivateProfileIntW
LoadLibraryA
LoadResource
GetPrivateProfileStringW
lstrlenW
EnumResourceTypesA
FreeLibrary
DeleteCriticalSection
GetModuleHandleW
WritePrivateProfileStringW
GetDllDirectoryW
GetVersionExW
MultiByteToWideChar
LoadLibraryW
GetModuleFileNameW
FindFirstFileW
GetLocaleInfoW

shell32

DllGetVersion
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
ShellExecuteExA
SHGetPathFromIDListA
SHFileOperationW
SHGetFolderPathW
SHBrowseForFolderA
SHGetFileInfoA
Shell_NotifyIconA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy