8ef7a5dd508186c705cbe2aa77e7622818daa4c79aeb1e468b09d34408ee5827 | Triage

Submit
Reports

Overview

overview

Static

static

8ef7a5dd50...27.exe

windows7-x64

8ef7a5dd50...27.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8ef7a5dd508186c705cbe2aa77e7622818daa4c79aeb1e468b09d34408ee5827.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

8ef7a5dd508186c705cbe2aa77e7622818daa4c79aeb1e468b09d34408ee5827.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

8ef7a5dd508186c705cbe2aa77e7622818daa4c79aeb1e468b09d34408ee5827
Size

284KB
MD5

2f4aa3bc956577321657573a1508bbc6
SHA1

d50403aed677440b6955fa99f943f07d788ed37d
SHA256

8ef7a5dd508186c705cbe2aa77e7622818daa4c79aeb1e468b09d34408ee5827
SHA512

74a45f46cd3860f4ae4c776225e8f1c2a218d193e568084dcc31364086602558e4c0b0d82e193ab63c433cec7e81c1dc798c6ab8c6150ed0854b57be3ac7513b
SSDEEP

6144:2gudlBbp+iefTt1UKbHK3MmWQ8W+wIBpUKs7YSkN+rNOz82XlfbL:Puhk0KbopWQjF1YStZO42Xl/

Score

N/A

Malware Config

Signatures

Files

8ef7a5dd508186c705cbe2aa77e7622818daa4c79aeb1e468b09d34408ee5827
.exe windows x86

98997d52b20821fec6da0117cfb1d2f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
TlsSetValue
GlobalGetAtomNameW
VirtualAlloc
GetOEMCP
HeapSize
GetTimeFormatA
WriteConsoleA
HeapReAlloc
GetConsoleOutputCP
MultiByteToWideChar
GetDateFormatA
EnumResourceTypesW
TlsAlloc
RtlUnwind
SetFilePointer
SetUserGeoID
IsValidCodePage
GetLocaleInfoA
GetCPInfo
GetACP
TlsGetValue
RaiseException

shell32

SHGetUnreadMailCountW
DragAcceptFiles
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteExA
SHBrowseForFolderA
Shell_NotifyIconA

user32

PeekMessageA
DispatchMessageA
DispatchMessageW
CharNextA
GetDesktopWindow
LoadStringA
MessageBoxA
wsprintfA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy