187988273b4762bc4fb7571203360ab0[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

187988273b...b0.exe

windows7-x64

187988273b...b0.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

187988273b4762bc4fb7571203360ab0.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

187988273b4762bc4fb7571203360ab0.exe

Resource

win10v2004-20220812-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

187988273b4762bc4fb7571203360ab0.exe
Size

115KB
MD5

187988273b4762bc4fb7571203360ab0
SHA1

31634c9f094a2a72097d711271bc58ac8c55cdd3
SHA256

2a205ac624ee7fc93ba5b622086785d84e5727832c515f43bc9c86bf5c0d0423
SHA512

48bfaa735ef87eba1bdb88b434dc18864dbcc79cd2737c5eef69b0d245a097d08af5a4fd0740239167b8638215bd5e73775f141e5a35d909cabce7d53b7351ba
SSDEEP

3072:VLF/MpF1GGqIAu3ve/eIjTGGtTXXXUjqpMmfc:g31SPMe5jSeHGqpMuc

Score

N/A

Malware Config

Signatures

Files

187988273b4762bc4fb7571203360ab0.exe
.exe windows x86

f57c29d6dafca7ff86e76dff9b92633e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetShortPathNameW
DeleteFileA
CloseHandle
HeapFree
HeapCreate
GetProcessHeap
SetEnvironmentVariableA
GetStringTypeW
GetVersion
DeleteFileA
DeleteFileA
GetStringTypeW
GetExitCodeProcess
SetCurrentDirectoryA
GetConsoleTitleA
GetLastError
GetProcessHeap
GetModuleHandleW
CreateDirectoryA
GetStdHandle
GetModuleHandleA
CreateFileMappingW

mstscax

DllUnregisterServer
DllCanUnloadNow
DllRegisterServer
DllGetTscCtlVer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dataz
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rs
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy