b1bdfecfa01ab477f9a25284a5e7a396a11154cc287babd91e5fe71005de864a | Triage

Submit
Reports

Overview

overview

Static

static

b1bdfecfa0...4a.exe

windows7-x64

b1bdfecfa0...4a.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b1bdfecfa01ab477f9a25284a5e7a396a11154cc287babd91e5fe71005de864a.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b1bdfecfa01ab477f9a25284a5e7a396a11154cc287babd91e5fe71005de864a.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b1bdfecfa01ab477f9a25284a5e7a396a11154cc287babd91e5fe71005de864a
Size

108KB
MD5

595caf04d93de948694ade11abc571b5
SHA1

24b3602bad938838d431ca4c22132eba961ccf0a
SHA256

b1bdfecfa01ab477f9a25284a5e7a396a11154cc287babd91e5fe71005de864a
SHA512

e6f0771fa1790a57cd568fa02794b13ee4a89c6ea7ac9e8a0b204e590616789e5a3e66f943c51c669f646a39d8dcf715b2adec2b292ef7a83cc117cf79f9f2f4
SSDEEP

3072:gydX+SAmdh9MLVgLX/MwzXhLuTHV3eWJeN:k5mdh9MpgLXEwtw13M

Score

N/A

Malware Config

Signatures

Files

b1bdfecfa01ab477f9a25284a5e7a396a11154cc287babd91e5fe71005de864a
.exe windows x86

cfe7212189898ab73525fd0b4300375f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
ExitProcess
SuspendThread
SetLastError
GetFileAttributesA
GetVersion
ReadFile
FindAtomW
SetLastError
DeleteAtom
GetCommandLineA
SetFileAttributesW
HeapSize
SetEndOfFile
EnterCriticalSection
GetStdHandle
VirtualAlloc
IsBadReadPtr
CreateFileA
DeleteFileA
GetModuleHandleA
GetEnvironmentVariableA
CloseHandle
GetFileSize
WaitForSingleObject

cryptui

WizardFree
CryptUIWizImport
CryptUIWizExport
DllUnregisterServer
CryptUIWizBuildCTL
LocalEnroll
LocalEnrollNoDS
CryptUIStartCertMgr
CryptUIDlgViewContext
DllRegisterServer
CryptUIDlgFreeCAContext
WizardFree
CryptUIWizDigitalSign

uniplat

UmPlatformInitialize
UmPlatformInitialize
UmPlatformInitialize
UmPlatformInitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy