a2de3799b2ebdbd9ae795e89edd814c8727ebd0be1ab499a9cc79d7e26fd1c7b | Triage

Submit
Reports

Overview

overview

Static

static

a2de3799b2...7b.exe

windows7-x64

a2de3799b2...7b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a2de3799b2ebdbd9ae795e89edd814c8727ebd0be1ab499a9cc79d7e26fd1c7b.exe

Resource

win7-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

a2de3799b2ebdbd9ae795e89edd814c8727ebd0be1ab499a9cc79d7e26fd1c7b.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

a2de3799b2ebdbd9ae795e89edd814c8727ebd0be1ab499a9cc79d7e26fd1c7b
Size

280KB
MD5

b1a9e36cf40646f9a670e06019dd9528
SHA1

fd94592f51b10a92d940b99027337e2cf205c702
SHA256

a2de3799b2ebdbd9ae795e89edd814c8727ebd0be1ab499a9cc79d7e26fd1c7b
SHA512

ba07b8b43de43c2d85e887a0e2016f95338bccb0a8296d166ec5a5ec30da936e0acbdfdcc70d8817e5d1124e97ca72cd357e3b086b5837e6c2e07bba36aa5398
SSDEEP

6144:cknqQuncuHy0Yyl9FhYTtT8WaL3zNvBMg9lEIka8s4ULPrckiC:ckngcKy0fYhQjLjpBMg9EjC7iC

Score

N/A

Malware Config

Signatures

Files

a2de3799b2ebdbd9ae795e89edd814c8727ebd0be1ab499a9cc79d7e26fd1c7b
.exe windows x86

26d3d17a796d622da9d73cf7c1eaf7ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFullPathNameA
GetThreadLocale
GetDiskFreeSpaceA
GlobalFindAtomA
FlushFileBuffers
ReadFile
SetFilePointer
WideCharToMultiByte
SetStdHandle
UnhandledExceptionFilter
WriteFile
LCMapStringW
FreeEnvironmentStringsW
FindFirstFileA
EnumResourceNamesW
LCMapStringA
GetEnvironmentStringsW
GetStringTypeW
VirtualProtect
GetCPInfo
GetStringTypeA
GetEnvironmentStrings
GetFileAttributesA
GetOEMCP
IsBadReadPtr
GetStringTypeExW
FreeEnvironmentStringsA
IsBadCodePtr
SetUnhandledExceptionFilter
CreateFileA
MulDiv

shlwapi

SHGetInverseCMAP
SHCreateStreamOnFileEx
PathIsContentTypeA
PathIsFileSpecA
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 146KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy