3ec4593066236222bad584daa6b90ca307a6830e19fa5f36d6719629c32ddc24 | Triage

Submit
Reports

Overview

overview

Static

static

3ec4593066...24.exe

windows7-x64

3ec4593066...24.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

3ec4593066236222bad584daa6b90ca307a6830e19fa5f36d6719629c32ddc24.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3ec4593066236222bad584daa6b90ca307a6830e19fa5f36d6719629c32ddc24.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

3ec4593066236222bad584daa6b90ca307a6830e19fa5f36d6719629c32ddc24
Size

121KB
MD5

8edd479c3e730a7d9777675b788b6374
SHA1

b303a76176f2cc39d237588d5faa8e761fba040d
SHA256

3ec4593066236222bad584daa6b90ca307a6830e19fa5f36d6719629c32ddc24
SHA512

556c04a1f843e1be529bb983311ae0eeaa3f53f52c2df094e98ccf6c5961fc66d80b79709d3f9aeda2cc9362637f08a4ee09dcf8a880738798a90fdf84def3b8
SSDEEP

3072:1IPJhWEK+C/CDSamHplh8aGv6Heawnh06:2PJqB2SDQfbT0

Score

N/A

Malware Config

Signatures

Files

3ec4593066236222bad584daa6b90ca307a6830e19fa5f36d6719629c32ddc24
.exe windows x86

9af7c188e453ed3790726264b29468b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
lstrcpyA
Sleep
GetStartupInfoA
CreateNamedPipeW
FileTimeToLocalFileTime
GetModuleFileNameA
GetStdHandle
GetConsoleAliasW
GetVolumePathNameW
SetLastError
lstrcpyA
lstrcpyA
lstrcpyA
HeapCreate
GetCommState
DeleteFileA
IsValidLocale
GetModuleHandleA
lstrlenW
CreateEventA
GetProcessHeap
GetLogicalDriveStringsW

sqlunirl

_AddAtom_@4
wsprintf_
AbortSystemShutdown_
_AppendMenu_@16

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RDATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ORPC
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy