52e8a8974b23a9829e0ed950f2b078f15ea64aa92f19a401e45de2111f68e079 | Triage

Submit
Reports

Overview

overview

Static

static

52e8a8974b...79.exe

windows7-x64

52e8a8974b...79.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

52e8a8974b23a9829e0ed950f2b078f15ea64aa92f19a401e45de2111f68e079.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

52e8a8974b23a9829e0ed950f2b078f15ea64aa92f19a401e45de2111f68e079.exe

Resource

win10v2004-20221111-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

52e8a8974b23a9829e0ed950f2b078f15ea64aa92f19a401e45de2111f68e079
Size

109KB
MD5

34c4e6a9cee20df570419d393aa51c20
SHA1

241a60763629f54ecbce6f29f7f08c1cf954c890
SHA256

52e8a8974b23a9829e0ed950f2b078f15ea64aa92f19a401e45de2111f68e079
SHA512

46270c77c2cb868f6022f36e27b299134d9d855c0a42d0c4b3706d4c9b38f71ca2f6fce6f7b35ee8bcc5a4d8bceb75d5bc8996c3cb8e5e2017938eaa842a56cb
SSDEEP

3072:d4HkKfjxgNJ5zap82LwTyzotwJWVaNFP1Mcx3:GEKfl0zaLIyG3a79MQ

Score

N/A

Malware Config

Signatures

Files

52e8a8974b23a9829e0ed950f2b078f15ea64aa92f19a401e45de2111f68e079
.exe windows x86

c5e6c85acb05fb8f8c4816483a9a6d82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetModuleHandleA
lstrlenA
GetCommandLineA
GetCurrentDirectoryW
ExitThread
MapViewOfFile
GlobalLock
HeapCreate
CloseHandle
GetFileAttributesA
EnterCriticalSection
GlobalSize
GetEnvironmentVariableW
ReadFile
SetLastError
GetFileTime
SetFileAttributesW
GetFileType
GetCommandLineW
FindClose
GetDriveTypeA
SetLastError
HeapFree
WaitForMultipleObjects

uxtheme

SetWindowTheme
CloseThemeData
DrawThemeEdge
GetThemeTextMetrics
GetThemeEnumValue
CloseThemeData
DrawThemeBackground
GetWindowTheme
GetThemeColor
IsThemeActive
OpenThemeData
GetThemeBool
GetThemeTextExtent

dispex

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy