e6955af7735749bd3cfa94cc126b5639a02c0416f6255a9bcbd44b18434e8f85 | Triage

Submit
Reports

Overview

overview

Static

static

e6955af773...85.exe

windows7-x64

e6955af773...85.exe

windows10-2004-x64

3

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

e6955af7735749bd3cfa94cc126b5639a02c0416f6255a9bcbd44b18434e8f85.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

e6955af7735749bd3cfa94cc126b5639a02c0416f6255a9bcbd44b18434e8f85.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

e6955af7735749bd3cfa94cc126b5639a02c0416f6255a9bcbd44b18434e8f85
Size

118KB
MD5

3a46fcc983db9564d3577d8165cbdb20
SHA1

94578c03a1a26efc90806eb2e1d54fe196393598
SHA256

e6955af7735749bd3cfa94cc126b5639a02c0416f6255a9bcbd44b18434e8f85
SHA512

46ab8e0bed23c1d55e55860bd7cd813aa923ca7c985bf34cd5576d330542344d30521ff01197728b23912e488f278a4922733ab5f9482bc53f7bd4ac0a512807
SSDEEP

1536:Hfk7HUU3zgxUmmugnQ+sJ8e5AfjODzJ9YFLK66JrZf2iTWsB:HAHUU3MuKYQZGfjefYhird2C

Score

N/A

Malware Config

Signatures

Files

e6955af7735749bd3cfa94cc126b5639a02c0416f6255a9bcbd44b18434e8f85
.exe windows x86

fc4e72d4011d84dec3b2f8788243bc32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextVolumeW
SetVolumeLabelA
CreateFileA
GetFullPathNameW
FindClose
GetFullPathNameW
GetModuleHandleA
ReadConsoleW
CreateEventA
VirtualFree
Sleep
GetStringTypeA
HeapCreate
CreateSemaphoreA
GetConsoleMode
GetCurrentDirectoryW
CreateFileMappingA
CopyFileA
GetVolumePathNameW
GetModuleHandleW
FindClose
GetEnvironmentVariableW

dbghelp

FindFileInPath
ImageRvaToVa
ImageRvaToSection
ImageNtHeader

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avdr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy