da763942f9c11a4df08a8f26f676a177729bc6a1eb6a6e10c08a0929fd32f685 | Triage

Submit
Reports

Overview

overview

Static

static

da763942f9...85.exe

windows7-x64

da763942f9...85.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

da763942f9c11a4df08a8f26f676a177729bc6a1eb6a6e10c08a0929fd32f685.exe

Resource

win7-20221111-en

pony discovery persistence rat spyware stealer upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

da763942f9c11a4df08a8f26f676a177729bc6a1eb6a6e10c08a0929fd32f685.exe

Resource

win10v2004-20221111-en

pony discovery persistence rat spyware stealer upx

windows10-2004-x64

11 signatures

150 seconds

General

Target

da763942f9c11a4df08a8f26f676a177729bc6a1eb6a6e10c08a0929fd32f685
Size

80KB
MD5

1f160c0e007ca94bb447de3a3409f07a
SHA1

aa4a46a3ef27807e6aaeb64aac22703cc875e107
SHA256

da763942f9c11a4df08a8f26f676a177729bc6a1eb6a6e10c08a0929fd32f685
SHA512

0e385a21945e6b696c0d378db7a49869a3c541a1af5bc15cd24439cc32c3790e6ce0efc788decd1a951d76a741468689b9abf97a003efd0d96833c74bc5eeb00
SSDEEP

1536:QUyU7CGQ5YQRPz4CLXdE5B3kArcMNPu3RkdoGotfRTdudpNkMAQKoCfYmLQ:QZtGQlRPMCLXCB0ArcMdwRk+GuRTdWpY

Score

N/A

Malware Config

Signatures

Files

da763942f9c11a4df08a8f26f676a177729bc6a1eb6a6e10c08a0929fd32f685
.exe windows x86

f7015f33371f4825d710818cc0f205e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetForegroundWindow
IsCharAlphaNumericW

kernel32

lstrcmpiW

Exports

Exports

?FinanceAssist@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.t2
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t1
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t4
Size: 1024B - Virtual size: 753B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy