3428962fd059d7878b160c15f158e45d2c57ac03a09fc559beb3712849235551 | Triage

Submit
Reports

Overview

overview

Static

static

3428962fd0...51.exe

windows7-x64

3428962fd0...51.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

3428962fd059d7878b160c15f158e45d2c57ac03a09fc559beb3712849235551.exe

Resource

win7-20220812-en

pony discovery persistence rat spyware stealer upx

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

3428962fd059d7878b160c15f158e45d2c57ac03a09fc559beb3712849235551.exe

Resource

win10v2004-20220812-en

pony discovery persistence rat spyware stealer upx

windows10-2004-x64

12 signatures

150 seconds

General

Target

3428962fd059d7878b160c15f158e45d2c57ac03a09fc559beb3712849235551
Size

87KB
MD5

35cd1c312203fc250c150a6d442c1c2a
SHA1

91e011cdda1dcb61b1076592e3d722047d71c9fb
SHA256

3428962fd059d7878b160c15f158e45d2c57ac03a09fc559beb3712849235551
SHA512

59b43f77da3f21af09d558b36af6351ff63ef02ef68faad57d53e89c556af894bc32d808e887e1a340125fbf2230635d11fe07904399366acfedeb910cda5d5a
SSDEEP

1536:BJlC9Iiag3B2esffjCznJtRaqiS2Bmfr393g7dQ8/WJNvbLIjCtDHQLeXcEgFt0L:lCIiagQPfjClRiSOgrJ4AJNzLIsQLEJh

Score

N/A

Malware Config

Signatures

Files

3428962fd059d7878b160c15f158e45d2c57ac03a09fc559beb3712849235551
.exe windows x86

5ceaf6ddcc7e4195efba99f6c6c87630

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetFocus

kernel32

lstrcpyW

shlwapi

StrCmpLogicalW

Exports

Exports

LowerForY
?RevekFall@@YG_JU_HALIGNLEFT@@U_REMOTECONTROL_SYS@@@Y
?ServletKon@@YG_JU_HALIGNLEFT@@U_REMOTECONTROL_SYS@@@Y

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DEPO
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy