fcd635381f4174e1838e95f3f995a8a51bed232e491da8f85927658898317388 | Triage

Submit
Reports

Overview

overview

Static

static

fcd635381f...88.exe

windows7-x64

fcd635381f...88.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

fcd635381f4174e1838e95f3f995a8a51bed232e491da8f85927658898317388.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

fcd635381f4174e1838e95f3f995a8a51bed232e491da8f85927658898317388.exe

Resource

win10v2004-20220901-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

fcd635381f4174e1838e95f3f995a8a51bed232e491da8f85927658898317388
Size

132KB
MD5

82ed989392994f1b49cc96d55728aa15
SHA1

0c34a52ad992be9c010ced010203fa2c1ddcc1be
SHA256

fcd635381f4174e1838e95f3f995a8a51bed232e491da8f85927658898317388
SHA512

5f5e01fdfc795f1f07a5a3b71a8fd3ab2a41a8c0c01cf5842360cfb85da7022ad217991f59b73ce5aa73e6c77632a524a22874f570f16eab986607b39a51dc83
SSDEEP

3072:784AgwkfeXzbvvoPPguckD/49Cq1W7T+Mu8zCeBiFkRvOYnlZ:RwEWP4PPg/UATQZFt

Score

N/A

Malware Config

Signatures

Files

fcd635381f4174e1838e95f3f995a8a51bed232e491da8f85927658898317388
.exe windows x86

d9156a9fa5ec395943763cc87539ea3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetCurrentThread
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetVersion
HeapAlloc
HeapFree
InterlockedExchange
GetCommandLineA
LocalFree
MultiByteToWideChar
SetCurrentDirectoryA
SetErrorMode
SetThreadPriority
lstrcatA
lstrcpyA
lstrlenA
lstrlenW
VirtualAlloc
FreeLibrary
FormatMessageA
ExitProcess
CreateMutexA
CompareStringA
LoadLibraryA
CloseHandle

user32

IsWindowVisible
MessageBoxA
SendMessageTimeoutA
SetForegroundWindow
ShowWindow
LoadIconA
LoadCursorA
LoadIconW
GetWindowThreadProcessId
GetWindow
GetParent
GetDesktopWindow
GetClassNameA
FindWindowA
IsIconic

gdi32

GetStockObject

advapi32

RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy