dddc84843c9f19f96e6a95572a75685aa38fd17261baeb9da4fc0680285bd4c1 | Triage

Submit
Reports

Overview

overview

Static

static

dddc84843c...c1.exe

windows7-x64

dddc84843c...c1.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

dddc84843c9f19f96e6a95572a75685aa38fd17261baeb9da4fc0680285bd4c1.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

dddc84843c9f19f96e6a95572a75685aa38fd17261baeb9da4fc0680285bd4c1.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

dddc84843c9f19f96e6a95572a75685aa38fd17261baeb9da4fc0680285bd4c1
Size

130KB
MD5

810a1098677fa3c654ff843e9610d26a
SHA1

6a572b247580b1b4775a24b53f7be52e768f4868
SHA256

dddc84843c9f19f96e6a95572a75685aa38fd17261baeb9da4fc0680285bd4c1
SHA512

2eefbf5b3982218482e43a38b395e86f82a76325a2864287b1c11efe52c69b1ac68988668c2875bc810edebac32002eca0caffa0381020264bfe557c3484c1a1
SSDEEP

1536:2ufzrFVbvvfd56en7pYdmhgTUlVEX1e59luIcjSWbzvBFtOClwDlW:TfbLd8e9G+lVEIrlujR7ByOp

Score

N/A

Malware Config

Signatures

Files

dddc84843c9f19f96e6a95572a75685aa38fd17261baeb9da4fc0680285bd4c1
.exe windows x86

258c05a7cde3809e126b9cba10d4db83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
CloseHandle
GetConsoleTitleA
lstrlenW
GetTickCount
CreateFileA
GetModuleFileNameA
CancelIo
GetConsoleTitleA
DeleteFileA
Sleep
WriteConsoleW
GetEnvironmentStringsW
TlsGetValue
CancelIo
RemoveDirectoryA
VirtualProtectEx
CreateDirectoryW
GetStartupInfoA
GetCalendarInfoA
GetModuleHandleA
GetFileSize
EnterCriticalSection
GetCommandLineW
ReadFile

user32

IsWindowEnabled
GetClassInfoA
DestroyMenu
CreateIcon
PeekMessageA
DispatchMessageA
MessageBoxA
GetSysColor
wsprintfA
IsWindowVisible
IsWindow
GetWindowLongA
GetWindowLongA

console

CPlApplet
CPlApplet
CPlApplet
CPlApplet

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy