ff163fe109e1cb5c327f1cd09977c1c916b7e608ee54e32bdcf281934cf7dcad | Triage

Submit
Reports

Overview

overview

Static

static

ff163fe109...ad.exe

windows7-x64

ff163fe109...ad.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ff163fe109e1cb5c327f1cd09977c1c916b7e608ee54e32bdcf281934cf7dcad.exe

Resource

win7-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral2

Sample

ff163fe109e1cb5c327f1cd09977c1c916b7e608ee54e32bdcf281934cf7dcad.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

ff163fe109e1cb5c327f1cd09977c1c916b7e608ee54e32bdcf281934cf7dcad
Size

278KB
MD5

f3fcfd6a15d7a76f607253f2acf6e5da
SHA1

787c2fbc6ea82e69b08ed8f04cf9a855b524078f
SHA256

ff163fe109e1cb5c327f1cd09977c1c916b7e608ee54e32bdcf281934cf7dcad
SHA512

f2ab6110d81b518965d36d663472bcb947ea86b3ee495077e783de675df88e139a4eba6b2d0dbb9393fa8e4dd5dd8f478410332d1307c4da685dacaa1914f421
SSDEEP

6144:OJJpKi8/ABb1SpyXQoKz6zBQ1bQKdj855cJ7t5IFlJ0yNIs4U+ho5s4z:OJJpKz/Ab1S4X9it9dY5S5IbJ0yFr1s

Score

N/A

Malware Config

Signatures

Files

ff163fe109e1cb5c327f1cd09977c1c916b7e608ee54e32bdcf281934cf7dcad
.exe windows x86

8dd74fd97da73102f80589cd2acaaaf9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
GetFileAttributesA
SetUnhandledExceptionFilter
IsBadCodePtr
AddAtomW
GetCPInfo
CreateFileA
WideCharToMultiByte
FreeEnvironmentStringsW
GetStringTypeW
GetThreadLocale
GetStringTypeA
IsBadReadPtr
GetFullPathNameA
VirtualProtect
EnumResourceNamesA
GetOEMCP
SetFilePointer
ReadFile
FreeEnvironmentStringsA
GetDiskFreeSpaceA
LCMapStringA
FindFirstFileA
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeExA
LCMapStringW
UnhandledExceptionFilter
FlushFileBuffers
WriteFile
MulDiv

shlwapi

SHGetInverseCMAP
SHCreateStreamOnFileEx
PathIsFileSpecA
PathIsContentTypeA
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 138KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy