7c6201d19f71d69b13af49bb0774fe24ead8b66327de86e400fff1faa2c8a293 | Triage

Submit
Reports

Overview

overview

Static

static

7c6201d19f...93.exe

windows7-x64

7c6201d19f...93.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

7c6201d19f71d69b13af49bb0774fe24ead8b66327de86e400fff1faa2c8a293.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

7c6201d19f71d69b13af49bb0774fe24ead8b66327de86e400fff1faa2c8a293.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

7c6201d19f71d69b13af49bb0774fe24ead8b66327de86e400fff1faa2c8a293
Size

150KB
MD5

bbb79db2989b352bea7628a53dee7cf9
SHA1

eb8e6fec7864ad7360edababb1002d89144a3976
SHA256

7c6201d19f71d69b13af49bb0774fe24ead8b66327de86e400fff1faa2c8a293
SHA512

7b2389f6889835820bfdd4990d5dec02d03b7e5346010563db1431f25f2dfb3c2ffc8d8ddcb0fd5ab2917c6ad2404bb640f71a50d99a28da281022ccbf6fa74b
SSDEEP

3072:wPVcogbR50doxjSmM+jC5vpkQJG3aCdMk1zg/mM+n:wNvgbNxjZM+O5vaQJvCdrPM

Score

N/A

Malware Config

Signatures

Files

7c6201d19f71d69b13af49bb0774fe24ead8b66327de86e400fff1faa2c8a293
.exe windows x86

8c9d1f6d999862077c27c7ae5631f165

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPriorityClass
CreateMutexW
MapViewOfFile
LoadLibraryA
CreateHardLinkA
GetStartupInfoA
GetTickCount
OpenSemaphoreA
SetLastError
ReadConsoleA
GetStdHandle
CreateSemaphoreA
SetLastError
Sleep
GetFileSize
GetFileAttributesA
CreateFileA
HeapDestroy
SetEvent
GetLocalTime
CreateDirectoryW
VirtualProtect
GetProcessHeap
HeapSize
DeleteFileW

clbcatq

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer

sqlwoa

_CharLower@4
_DeleteFile@4
_GetFileTitle@12
_CharUpper@4

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy