914817ad32f2dcffedb195f4b6add8e2383a030a1af149a81a1ef61f7e3d0226 | Triage

Submit
Reports

Overview

overview

Static

static

914817ad32...26.exe

windows7-x64

914817ad32...26.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

914817ad32f2dcffedb195f4b6add8e2383a030a1af149a81a1ef61f7e3d0226.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

914817ad32f2dcffedb195f4b6add8e2383a030a1af149a81a1ef61f7e3d0226.exe

Resource

win10v2004-20221111-en

evasion persistence upx

windows10-2004-x64

10 signatures

150 seconds

General

Target

914817ad32f2dcffedb195f4b6add8e2383a030a1af149a81a1ef61f7e3d0226
Size

275KB
MD5

01c483e933856afd7afd787e0234a3f1
SHA1

e9b8ab30ebbadf4f7e26976788e7fe76b5a5fe0f
SHA256

914817ad32f2dcffedb195f4b6add8e2383a030a1af149a81a1ef61f7e3d0226
SHA512

e491c36989d0858527798472c38a09e2de5b87a896cbf6d3a623f41d421254cd317ec83c5b6f6bc4ff8a5d5c60f164595171aa787dee5f7c344d072d75f73d36
SSDEEP

6144:q+/0PQmGacY5dKzQjJ7U/+Q0xGu1O3N9MkkyFD0Edz:q+EvfA/+1xOdWkkyFIiz

Score

N/A

Malware Config

Signatures

Files

914817ad32f2dcffedb195f4b6add8e2383a030a1af149a81a1ef61f7e3d0226
.exe windows x86

f8ba83360880e0452822cdc5666acac1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
IsDebuggerPresent
GetCPInfo
LoadLibraryA
VirtualAlloc
SetUnhandledExceptionFilter
GetACP
GetStringTypeA
GetOEMCP
EnumResourceTypesW
GetStringTypeW
RtlUnwind
LZCopy
LCMapStringW
WriteFile
GetCurrentProcess
InterlockedExchange
LCMapStringA
GetLocaleInfoA

oleacc

GetOleaccVersionInfo
AccessibleObjectFromEvent

msimg32

TransparentBlt

Sections

.text
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy