ec3898ab6b3498b6a91cd9f5d0f7b173a1d45e54debae967b984b7cabd5b06cf | Triage

Submit
Reports

Overview

overview

Static

static

ec3898ab6b...cf.exe

windows7-x64

ec3898ab6b...cf.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ec3898ab6b3498b6a91cd9f5d0f7b173a1d45e54debae967b984b7cabd5b06cf.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ec3898ab6b3498b6a91cd9f5d0f7b173a1d45e54debae967b984b7cabd5b06cf.exe

Resource

win10v2004-20221111-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

ec3898ab6b3498b6a91cd9f5d0f7b173a1d45e54debae967b984b7cabd5b06cf
Size

109KB
MD5

7a8f915c712812565828ac7632796679
SHA1

63a2fa5d81ef94cf5d74c336639adbb821090a78
SHA256

ec3898ab6b3498b6a91cd9f5d0f7b173a1d45e54debae967b984b7cabd5b06cf
SHA512

7d35e24d852d5d024dd2488d4ec35b192470a1220e8f0d6730751e5776b17c27233dfe6e6a403c26aacfd11777b7a63aa12778342520beaaf36a484ed36867c1
SSDEEP

3072:/Q4mmu9kT2QEXzC99e5SVtJ6LIvW7ygBunI52cfrkPJ:/Q41uGTpS5utckvWNknIHYP

Score

N/A

Malware Config

Signatures

Files

ec3898ab6b3498b6a91cd9f5d0f7b173a1d45e54debae967b984b7cabd5b06cf
.exe windows x86

20151d34eb86c217f0356f05be5028dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetFileAttributesA
GetFileTime
WaitForSingleObject
MapViewOfFile
HeapFree
SetFileAttributesW
IsBadReadPtr
SuspendThread
ExitProcess
GetTickCount
GetModuleHandleA
GlobalLock
LocalSize
CloseHandle
EnterCriticalSection
GetEnvironmentVariableW
GetFileType
SetLastError
GetCurrentDirectoryW
ReadFile
GetDriveTypeA
SetLastError
HeapCreate
GetCommandLineW

uxtheme

SetWindowTheme
GetWindowTheme
GetThemeEnumValue
GetThemeTextExtent
GetThemeTextMetrics
GetThemeColor
CloseThemeData
DrawThemeBackground
IsThemeActive
CloseThemeData
OpenThemeData
DrawThemeEdge
GetThemeBool

credssp

SpVerifySignature
SpVerifySignature
SpVerifySignature
SpVerifySignature

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy