d0b6ad5fb85e3eea9ddaec949b73584f8ea66996ccca004033f5efc7baca3ea9 | Triage

Submit
Reports

Overview

overview

Static

static

d0b6ad5fb8...a9.exe

windows7-x64

d0b6ad5fb8...a9.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d0b6ad5fb85e3eea9ddaec949b73584f8ea66996ccca004033f5efc7baca3ea9.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

d0b6ad5fb85e3eea9ddaec949b73584f8ea66996ccca004033f5efc7baca3ea9.exe

Resource

win10v2004-20221111-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

d0b6ad5fb85e3eea9ddaec949b73584f8ea66996ccca004033f5efc7baca3ea9
Size

130KB
MD5

ba88fac4a6e97ba0be69edafaf7a6686
SHA1

96e4644a9da04126c8eb38fde725f39db491ee92
SHA256

d0b6ad5fb85e3eea9ddaec949b73584f8ea66996ccca004033f5efc7baca3ea9
SHA512

d5a98f453abf655c25a33324bae7b1ebfd219ee58d8a6b4f35e69d2798808547f543f63157900df9980fcb76b534db9ff5457e83f99bd58638217ca24f9c6604
SSDEEP

1536:F73OOvDlRrs2WUq0gqTaK6pA70CwZH75QAzaytzhizbC15hGJqFtvRP8P3LEUMhO:t3Oz2W4gqAq0CCQ9y0z0XGJGuBM5mUQ

Score

N/A

Malware Config

Signatures

Files

d0b6ad5fb85e3eea9ddaec949b73584f8ea66996ccca004033f5efc7baca3ea9
.exe windows x86

bcab07d3c2ab8ae6079a1a455ea6440d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
CancelIo
GetTickCount
GetStartupInfoA
EnterCriticalSection
WriteConsoleW
GetCommandLineW
TlsGetValue
GetModuleFileNameA
DeleteFileA
GetFileSize
RemoveDirectoryA
CancelIo
GetConsoleTitleW
InitializeCriticalSection
GetCalendarInfoA
GetModuleHandleA
CreateDirectoryW
VirtualProtectEx
GlobalFree
CloseHandle
ReadFile
Sleep
CreateFileA
LeaveCriticalSection

user32

GetSysColor
IsWindow
GetWindowLongA
PeekMessageA
DispatchMessageA
IsWindowEnabled
wsprintfA
GetWindowLongA
CreateIcon
IsWindowVisible
DestroyMenu
MessageBoxA
GetClassInfoA

cryptdlg

CertTrustCleanup
CertTrustInit
CertConfigureTrustA
CertTrustCertPolicy

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy