d69fbf2e9ce11c643078f8fee9370272a0a29e8fb02f89ddfed119ca8030c0b9 | Triage

Submit
Reports

Overview

overview

Static

static

d69fbf2e9c...b9.exe

windows7-x64

d69fbf2e9c...b9.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d69fbf2e9ce11c643078f8fee9370272a0a29e8fb02f89ddfed119ca8030c0b9.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

d69fbf2e9ce11c643078f8fee9370272a0a29e8fb02f89ddfed119ca8030c0b9.exe

Resource

win10v2004-20220901-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

d69fbf2e9ce11c643078f8fee9370272a0a29e8fb02f89ddfed119ca8030c0b9
Size

117KB
MD5

1fcf7461e9ead58997e5d2cc608631f0
SHA1

2a4b8a0d172c5001c973e134cf8c0735b55ba69c
SHA256

d69fbf2e9ce11c643078f8fee9370272a0a29e8fb02f89ddfed119ca8030c0b9
SHA512

85722bbdccb3d35b0977ede08c705e305e2b1b114b1701ca66e67c09f8b4ff2d662ec3420133e9e5f39884810bf87788f2b5ca7cfc844156e84591c0bf6dc11e
SSDEEP

1536:w+CTYlYM0hwSs5tUZXymY2RpJKbyMSJx+08NcLHPeHOQsscfI9bVFz3FdG:w+IM8wB5mhR6QJx+5WjexFV1VFzy

Score

N/A

Malware Config

Signatures

Files

d69fbf2e9ce11c643078f8fee9370272a0a29e8fb02f89ddfed119ca8030c0b9
.exe windows x86

fc5dca53ee42c5f3347cd4a543e28285

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
Heap32Next
GetACP
DeleteFileA
GetModuleHandleA
GetModuleHandleW
GetProcessHeap
HeapFree
HeapCreate
CreateFileMappingW
GetShortPathNameW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetConsoleTitleA
WriteConsoleW
GetStringTypeW
GetProcessHeap
SetFilePointer
GetExitCodeProcess
GetVersion
GetLastError
DeleteFileA
GetStringTypeW

mstscax

DllGetTscCtlVer
DllCanUnloadNow
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dataz
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rs
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy