a8a8ea15a2f4e871e538807b17562b2bfd6214c6731d1f93df82c17a9cece646 | Triage

Submit
Reports

Overview

overview

Static

static

a8a8ea15a2...46.exe

windows7-x64

a8a8ea15a2...46.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a8a8ea15a2f4e871e538807b17562b2bfd6214c6731d1f93df82c17a9cece646.exe

Resource

win7-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

a8a8ea15a2f4e871e538807b17562b2bfd6214c6731d1f93df82c17a9cece646.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

a8a8ea15a2f4e871e538807b17562b2bfd6214c6731d1f93df82c17a9cece646
Size

281KB
MD5

a1758cd58a4ba8bc92028192db3f7e43
SHA1

dc812aa6b7c0f0ce444bdc042b3cd95fce5de4f4
SHA256

a8a8ea15a2f4e871e538807b17562b2bfd6214c6731d1f93df82c17a9cece646
SHA512

adeee1e8c3dfb1cf1f0f9a80cf1c28f5d57304d9ddaa2e12f8742270ea837c6edb41dae4c0dd15ebd77407b8656a67d8819c719c1620346b1081da1b09d91ec3
SSDEEP

6144:nonLsrljfPQ4q2Ge55OE+72effERpG8hVOTkIs6rEFGpkmRa8Da:onLCw4qheSlfsXG8XlIsDwpn

Score

N/A

Malware Config

Signatures

Files

a8a8ea15a2f4e871e538807b17562b2bfd6214c6731d1f93df82c17a9cece646
.exe windows x86

ecb695fea344c3c05811572af954b249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

SetLastError
MultiByteToWideChar
LocalFree
GetProcessHeap
GlobalAddAtomW
GetCommandLineA
FindFirstFileA
LoadResource
HeapFree
FindResourceExA
LoadLibraryW
CloseHandle
GlobalFree
EnumResourceNamesA
LockResource
EnumResourceTypesA
InterlockedExchange
GetModuleHandleA
GetProcAddress
EnumResourceLanguagesA
HeapAlloc
FindFirstFileW
FormatMessageA
EnumResourceNamesA
GetCurrencyFormatA
GetLastError
FindNextFileW
RaiseException
SizeofResource
GetCurrentDirectoryA
Sleep

user32

IsWindowVisible
GetWindowThreadProcessId
wsprintfW
GetWindowTextA
EnumWindows
wsprintfA

Sections

.text
Size: 140KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy