67d21652ae72eaf18d8d5a14a2bcb1e1ffc29ab5d3af54882dee707815eaa384 | Triage

Submit
Reports

Overview

overview

Static

static

67d21652ae...84.exe

windows7-x64

67d21652ae...84.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

67d21652ae72eaf18d8d5a14a2bcb1e1ffc29ab5d3af54882dee707815eaa384.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

67d21652ae72eaf18d8d5a14a2bcb1e1ffc29ab5d3af54882dee707815eaa384.exe

Resource

win10v2004-20221111-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

67d21652ae72eaf18d8d5a14a2bcb1e1ffc29ab5d3af54882dee707815eaa384
Size

130KB
MD5

62fba5b166232e51a516096d1e3c094a
SHA1

01d7a2cc41e37524c14cb256fb8f3afec3782d90
SHA256

67d21652ae72eaf18d8d5a14a2bcb1e1ffc29ab5d3af54882dee707815eaa384
SHA512

f9f83b3a0949961565978bfcf063787199efdcca192a0c4c4b75c9adfeaf675219172f230f82d6754f82237c381ffab5bba02bdb36169ef42a1b4c38458e8e92
SSDEEP

3072:T8hW4UIy6OnCi2KTxK+4owC1MbMlKon6e:T8hW4UfCrKTxKXovAMl3

Score

N/A

Malware Config

Signatures

Files

67d21652ae72eaf18d8d5a14a2bcb1e1ffc29ab5d3af54882dee707815eaa384
.exe windows x86

a777c3dc63704e40e7123212379c2a59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetTickCount
DeleteFileW
CreateMutexA
VirtualProtectEx
CreateHardLinkW
CreateSemaphoreA
HeapSize
SetLastError
GetStartupInfoA
SetLastError
Sleep
GetLocalTime
CloseHandle
ReadConsoleW
lstrlenA
SetEvent
CreateDirectoryW
LoadLibraryA
GetProcessHeap
GlobalFree

rsaenh

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer

traffic

TcAddFlow
TcDeleteFlow
TcAddFilter
TcDeleteFilter

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy