e7a85f61131712598346439ec0be584237ce95375a179e1d4c88e139e1ce04d4 | Triage

Submit
Reports

Overview

overview

Static

static

e7a85f6113...d4.exe

windows7-x64

e7a85f6113...d4.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e7a85f61131712598346439ec0be584237ce95375a179e1d4c88e139e1ce04d4.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

e7a85f61131712598346439ec0be584237ce95375a179e1d4c88e139e1ce04d4.exe

Resource

win10v2004-20220812-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

e7a85f61131712598346439ec0be584237ce95375a179e1d4c88e139e1ce04d4
Size

119KB
MD5

18280b58ed87d97ccd970e579a063570
SHA1

f4e7ae852d8529bf05883ee6eba70cf44fc64b70
SHA256

e7a85f61131712598346439ec0be584237ce95375a179e1d4c88e139e1ce04d4
SHA512

556b338b08aadb7aabc72f3a85004a853823e1c5f970c9fcb3c2d374ac1a8a16623c4df319aeab18880dae7f24b7da6626ca111ad78b43f9143238d209d132d4
SSDEEP

3072:gVZD+7UfWwzqi6QETwmb9Ep21E+E9xp2I///////PrZqrz1rrrrrrrrrrrrrrrrb:Gzq7QE7ZRkpx///////jA

Score

N/A

Malware Config

Signatures

Files

e7a85f61131712598346439ec0be584237ce95375a179e1d4c88e139e1ce04d4
.exe windows x86

7bf7a8e8889606add874844a471fca7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
GetLongPathNameA
GetLogicalDrives
Sleep
SetEnvironmentVariableA
LoadLibraryA
lstrcpyW
FindResourceW
GetDiskFreeSpaceW
Heap32First
GetExitCodeProcess
InterlockedDecrement
GetDiskFreeSpaceW
InterlockedIncrement
ReadFileEx
WaitForSingleObject
lstrcmpA
GetCurrentDirectoryA
GetPrivateProfileIntA
HeapCreate
GetStringTypeW
GetModuleHandleW
GetPrivateProfileSectionA

apphelp

AllowPermLayer
SdbCreateMsiTransformFile
ApphelpCheckIME
ApphelpCheckExe

clbcatq

SetupOpen
SetSetupSave
ComPlusMigrate
ComPlusMigrate
DllGetClassObject
ComPlusMigrate
SetSetupSave
SetupOpen
CheckMemoryGates
CheckMemoryGates
SetupOpen
CheckMemoryGates
DllGetClassObject

version

VerFindFileA

Sections

.text
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy