fd8d6681c0d2e522f4e5e35193db0bbe9f12dcdf0dff1cc8a0565e25cca965c3 | Triage

Submit
Reports

Overview

overview

Static

static

fd8d6681c0...c3.exe

windows7-x64

fd8d6681c0...c3.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

fd8d6681c0d2e522f4e5e35193db0bbe9f12dcdf0dff1cc8a0565e25cca965c3.exe

Resource

win7-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

fd8d6681c0d2e522f4e5e35193db0bbe9f12dcdf0dff1cc8a0565e25cca965c3.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

fd8d6681c0d2e522f4e5e35193db0bbe9f12dcdf0dff1cc8a0565e25cca965c3
Size

272KB
MD5

0211a2b769b910f776a9defe5b347d83
SHA1

778b14053ef067c3d986df03c813e143ef0da775
SHA256

fd8d6681c0d2e522f4e5e35193db0bbe9f12dcdf0dff1cc8a0565e25cca965c3
SHA512

d18f1dc144d48f78269d75f7650115050d08d56cb367e2292922fd811d14a068b2a912fa5db673d167eeb19c843708541db5f13d26c6eeb0b72763d673ef66fb
SSDEEP

6144:PwQYiiWhLMSGu8SBVz5M6W+hfsVGP6Agtjno7wNSX+upTz7Dc:PBXiA9Gu8alM6W+hfg26A6LO+ATz7D

Score

N/A

Malware Config

Signatures

Files

fd8d6681c0d2e522f4e5e35193db0bbe9f12dcdf0dff1cc8a0565e25cca965c3
.exe windows x86

fb1163a9e949b80c31f634e77b38f1cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetLocaleInfoA
IsValidCodePage
GlobalGetAtomNameW
HeapReAlloc
WriteConsoleA
SetStdHandle
GetTimeFormatA
GetConsoleOutputCP
RtlUnwind
HeapSize
TlsGetValue
EnumResourceTypesW
TlsSetValue
GetOEMCP
SetThreadLocale
VirtualAlloc
GetACP
GetDateFormatA
TlsAlloc
MultiByteToWideChar
GetCPInfo
RaiseException

shell32

SHGetDataFromIDListW
SHBrowseForFolderA
ShellExecuteExA
DragAcceptFiles
SHGetFileInfoA
SHGetPathFromIDListA
Shell_NotifyIconA

rpcrt4

RpcStringFreeA

user32

LoadStringA
GetDesktopWindow
PeekMessageA
CharNextA
MessageBoxA
DispatchMessageA
DispatchMessageW
wsprintfA

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy