eb8547ff44eb79238852b78da09cc4494fc95292e6b7f8eaebcf6be66ef79c3c | Triage

Submit
Reports

Overview

overview

Static

static

eb8547ff44...3c.exe

windows7-x64

eb8547ff44...3c.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

eb8547ff44eb79238852b78da09cc4494fc95292e6b7f8eaebcf6be66ef79c3c.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

eb8547ff44eb79238852b78da09cc4494fc95292e6b7f8eaebcf6be66ef79c3c.exe

Resource

win10v2004-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

eb8547ff44eb79238852b78da09cc4494fc95292e6b7f8eaebcf6be66ef79c3c
Size

282KB
MD5

6cfe2ea9934e593b87fcc5d3bac4eb2f
SHA1

2d096586c158736a2a36a3e6534340c0dc42e3e1
SHA256

eb8547ff44eb79238852b78da09cc4494fc95292e6b7f8eaebcf6be66ef79c3c
SHA512

d4c7f8cf501b658b89b2fb028e4a9de0c531c3ec7cc9e14d2aa4c615485f210e52677bc24f0ab503fad363a571dfb6756755d830e9bb3acbdbb7b722e112d511
SSDEEP

6144:fE2Mo8plJcRKZ/f3ItMogkh28mzu9ppfnrRu+Vvj4SpT+TFVrk:fJR+l13iMogMlNr4Sj42Ar

Score

N/A

Malware Config

Signatures

Files

eb8547ff44eb79238852b78da09cc4494fc95292e6b7f8eaebcf6be66ef79c3c
.exe windows x86

7e1b983b5510358b1bc7ce3dda119d67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetTimeFormatA
SetFilePointer
GetDateFormatA
RtlUnwind
TlsGetValue
GetCPInfo
WriteConsoleA
GetOEMCP
IsValidCodePage
MultiByteToWideChar
TlsAlloc
EnumResourceNamesA
SetStdHandle
TlsSetValue
CreateHardLinkA
GetConsoleOutputCP
GetACP
HeapReAlloc
HeapSize
VirtualAlloc
GetLocaleInfoA
RaiseException

occache

FindControlClose

shell32

SHGetFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetSpecialFolderLocation
SHAppBarMessage
SHGetFileInfoW
ShellExecuteExW
SHGetPathFromIDListW
DragAcceptFiles
SHGetDesktopFolder
ShellExecuteW
Shell_NotifyIconW

Sections

.text
Size: 125KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy