e3340510e013fa775f4022e820c7e47fc10ed91041de2a9fa23a129f8bd2b251 | Triage

Submit
Reports

Overview

overview

Static

static

e3340510e0...51.exe

windows7-x64

e3340510e0...51.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

e3340510e013fa775f4022e820c7e47fc10ed91041de2a9fa23a129f8bd2b251.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

e3340510e013fa775f4022e820c7e47fc10ed91041de2a9fa23a129f8bd2b251.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

e3340510e013fa775f4022e820c7e47fc10ed91041de2a9fa23a129f8bd2b251
Size

258KB
MD5

585dd8a9e3dbae2019ee378de9c31418
SHA1

196b7eb9db8fba66cec462ad91756d338ef4f419
SHA256

e3340510e013fa775f4022e820c7e47fc10ed91041de2a9fa23a129f8bd2b251
SHA512

421b2ca684c8d0f43599d1990a82fda4d77dbdd4daf27e04698ba79f85a0a7fec7c5ca78c0b8c5805328c2aee3a02df7fef08989cf92eaa2d44ed3160a43e85c
SSDEEP

6144:4OYYHaOf0Ow6TRT4QRdYtg8cXrd5BpGeeKF6i:4uTs8RbqmRXfXGu6i

Score

N/A

Malware Config

Signatures

Files

e3340510e013fa775f4022e820c7e47fc10ed91041de2a9fa23a129f8bd2b251
.exe windows x86

1e4defd716bb3a9083e665f42054189b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

oleacc

LresultFromObject
AccessibleObjectFromEvent

kernel32

RaiseException
IsDebuggerPresent
WideCharToMultiByte
QueryPerformanceCounter
HeapFree
HeapReAlloc
lstrlenA
SetUnhandledExceptionFilter
GetACP
LocalAlloc
GetTickCount
lstrlenW
UnhandledExceptionFilter
GetLocaleInfoA
MultiByteToWideChar
InterlockedCompareExchange
GetSystemTime
WriteFile
HeapAlloc
GetStdHandle
GetStartupInfoA
LoadLibraryW
HeapFree
GetThreadLocale
GetEnvironmentVariableA
EnumResourceTypesW
CreateFileW
GetCurrentThreadId
GetCurrentProcess
HeapDestroy
CreateProcessA
LoadLibraryExW
TerminateProcess
CompareFileTime
Sleep
GetProcessHeap
GetModuleHandleA
InterlockedExchange
GetSystemTimeAsFileTime
HeapSize
GetCurrentProcessId
SystemTimeToFileTime
CloseHandle
lstrcpynW

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy