0a2a8d0d33b1374f3ffc10c6b42c0174b85739825d2fee227aefe4454b7bde69 | Triage

Submit
Reports

Overview

overview

Static

static

0a2a8d0d33...69.exe

windows7-x64

0a2a8d0d33...69.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

0a2a8d0d33b1374f3ffc10c6b42c0174b85739825d2fee227aefe4454b7bde69.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0a2a8d0d33b1374f3ffc10c6b42c0174b85739825d2fee227aefe4454b7bde69.exe

Resource

win10v2004-20221111-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

0a2a8d0d33b1374f3ffc10c6b42c0174b85739825d2fee227aefe4454b7bde69
Size

119KB
MD5

a065fbd81081d888f3e885d248a6f299
SHA1

d23feb4cec0eecee397877ffb246c1270dbc1923
SHA256

0a2a8d0d33b1374f3ffc10c6b42c0174b85739825d2fee227aefe4454b7bde69
SHA512

59bb76e1df1c78b83f919b6a71bc2dd3dd0f6ca3ccd14d9cc4a40173ce2b506ee2b4fbe6ea4946af697a06f8c2240fae99502e4ce8bdad887af3d8fc371a8ab4
SSDEEP

1536:TXnSjC+0dQviVduMDrRVwYid8DMrs2HsuL1tec9yOSnikxkxyO1hB1groLau:T6C+YQviVMMD8d8DDil2cyikQHPr7au

Score

N/A

Malware Config

Signatures

Files

0a2a8d0d33b1374f3ffc10c6b42c0174b85739825d2fee227aefe4454b7bde69
.exe windows x86

129f9302fb23292f6910e56d485b1999

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
GetLogicalDrives
lstrcmpA
Heap32First
InterlockedIncrement
GetDiskFreeSpaceW
SetEnvironmentVariableA
FindResourceW
HeapCreate
GetDiskFreeSpaceW
GetPrivateProfileIntA
LoadLibraryA
GetPrivateProfileIntA
WaitForSingleObject
GetPrivateProfileSectionA
GetCurrentDirectoryA
InterlockedDecrement
GetLongPathNameA
GetModuleHandleW
GetExitCodeProcess
Sleep
GetStringTypeW
ReadFileEx

apphelp

ApphelpCheckExe
AllowPermLayer
ApphelpCheckIME
SdbCreateMsiTransformFile

clbcatq

ComPlusMigrate
CheckMemoryGates
SetupOpen
SetSetupSave
ComPlusMigrate
DllGetClassObject
CheckMemoryGates
DllGetClassObject
CheckMemoryGates
SetSetupSave
SetupOpen
ComPlusMigrate
SetupOpen

version

VerFindFileA

Sections

.text
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy