88a9606e08e7fae8b32d46ca584fb21cb9f8fbe8f7e08f639931da5df24e8a2f | Triage

Submit
Reports

Overview

overview

Static

static

88a9606e08...2f.exe

windows7-x64

88a9606e08...2f.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

88a9606e08e7fae8b32d46ca584fb21cb9f8fbe8f7e08f639931da5df24e8a2f.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

88a9606e08e7fae8b32d46ca584fb21cb9f8fbe8f7e08f639931da5df24e8a2f.exe

Resource

win10v2004-20220812-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

88a9606e08e7fae8b32d46ca584fb21cb9f8fbe8f7e08f639931da5df24e8a2f
Size

107KB
MD5

0461f11c81af4039bf09fc37caf6d4c0
SHA1

9b4da35097ef85cc5ea5036627baadfc0e10628f
SHA256

88a9606e08e7fae8b32d46ca584fb21cb9f8fbe8f7e08f639931da5df24e8a2f
SHA512

88ad0b87a9540242b3ffaeaf74cb81fa2eaf888ad23413c512e066a00902bb7bd969a6a458567218083cc6abfb571551b8126648b6d10066ef320fee7364952c
SSDEEP

3072:Q4WGwd62XRiry4uPV2p6/Sahj3IFfuwzds+:lWrd62XAy4gVRa2kuQds

Score

N/A

Malware Config

Signatures

Files

88a9606e08e7fae8b32d46ca584fb21cb9f8fbe8f7e08f639931da5df24e8a2f
.exe windows x86

e95a5f93d04e6b3ded68e16883528e61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleW
WaitForSingleObject
GetDiskFreeSpaceW
lstrcpyW
InterlockedDecrement
InterlockedIncrement
GetCurrentDirectoryA
lstrcmpA
ExitThread
GetLastError
Heap32First
GetStringTypeW
CloseHandle
GetExitCodeProcess
LoadLibraryA
GetDiskFreeSpaceW
GetPrivateProfileIntA
HeapCreate
ReadFileEx
FindResourceW
SetEnvironmentVariableA

adsldpc

ADsDeleteClassDefinition
ADsEnumAttributes
ADsExecuteSearch
ADsCloseSearchHandle

clbcatq

CheckMemoryGates
ComPlusMigrate
SetupOpen
DllGetClassObject
SetSetupSave
SetSetupSave
SetupOpen
ComPlusMigrate
DllGetClassObject
CheckMemoryGates
ComPlusMigrate
SetupOpen
CheckMemoryGates

version

VerFindFileA

Sections

.text
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy