ce0c24cdd819ffc53aa5e5b8db6394615928deae953441aa48bb5c49ac0ddeb9 | Triage

Submit
Reports

Overview

overview

Static

static

ce0c24cdd8...b9.exe

windows7-x64

ce0c24cdd8...b9.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

ce0c24cdd819ffc53aa5e5b8db6394615928deae953441aa48bb5c49ac0ddeb9.exe

Resource

win7-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

ce0c24cdd819ffc53aa5e5b8db6394615928deae953441aa48bb5c49ac0ddeb9.exe

Resource

win10v2004-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

ce0c24cdd819ffc53aa5e5b8db6394615928deae953441aa48bb5c49ac0ddeb9
Size

280KB
MD5

1001dd78d7722ebee637286aa1906fc9
SHA1

ea5988f1808cbfa137c7501644c2479199daeb3c
SHA256

ce0c24cdd819ffc53aa5e5b8db6394615928deae953441aa48bb5c49ac0ddeb9
SHA512

07c355897818d9c37c94993ed870a0fa6466774bc207d7678abcb1d64accf49aa81305dd03ebf3e2db915586631f19db0e3bd7456ef923daab31d9f14faab0b7
SSDEEP

6144:jJ36GhuRcZZdBkoiZSObH/Nixu5VLlqB1jDu7ME5REB/iZrf1lD:936GhuRcZXdNufoxkL8B4p5oix1

Score

N/A

Malware Config

Signatures

Files

ce0c24cdd819ffc53aa5e5b8db6394615928deae953441aa48bb5c49ac0ddeb9
.exe windows x86

db791948eb827a4a3fa95c5f5dfeac7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
WideCharToMultiByte
FreeEnvironmentStringsA
LCMapStringA
FlushFileBuffers
GetEnvironmentStringsW
FindFirstFileA
GetEnvironmentStrings
IsBadReadPtr
SetStdHandle
IsBadCodePtr
UnhandledExceptionFilter
FreeEnvironmentStringsW
WriteFile
EnumResourceNamesA
GetStringTypeW
GetThreadLocale
GetDiskFreeSpaceA
SetUnhandledExceptionFilter
CreateFileA
GetCPInfo
GetFileAttributesA
GetStringTypeA
GetStringTypeExA
GetFullPathNameA
SetFilePointer
VirtualProtect
ReadFile
GetOEMCP
LCMapStringW
MulDiv

shlwapi

SHGetInverseCMAP
SHCreateStreamOnFileEx
PathAppendA
PathIsContentTypeA
PathIsFileSpecA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 145KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy