b4edfb7acec507177605bb71cb4a534a545045f6f5686def54bbb133ef3ec406 | Triage

Submit
Reports

Overview

overview

Static

static

b4edfb7ace...06.exe

windows7-x64

b4edfb7ace...06.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b4edfb7acec507177605bb71cb4a534a545045f6f5686def54bbb133ef3ec406.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

b4edfb7acec507177605bb71cb4a534a545045f6f5686def54bbb133ef3ec406.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

b4edfb7acec507177605bb71cb4a534a545045f6f5686def54bbb133ef3ec406
Size

276KB
MD5

a3da5af43569f24351c0a88c5d781197
SHA1

e1c850399e6e0ba3e95d41deaaed824a345c647e
SHA256

b4edfb7acec507177605bb71cb4a534a545045f6f5686def54bbb133ef3ec406
SHA512

452a489177811c20b0528343cac64adf338b3a557033882705501bcf3899cd3bf06a13b124b2190096f6448cc5baa3beaf723e3626f79b91d00c20bb9b684231
SSDEEP

6144:H8oraYomAFfkUgKL4Q5jTM6DC3w6F0d76H65e:coraY1ufP95jwI6j

Score

N/A

Malware Config

Signatures

Files

b4edfb7acec507177605bb71cb4a534a545045f6f5686def54bbb133ef3ec406
.exe windows x86

5cba6d165db99b21b649fc0b8c3e61d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GlobalGetAtomNameW
ReadFile
WideCharToMultiByte
lstrlenA
SetFilePointer
FindNextFileA
WriteFile
EnumResourceTypesA
GetCurrentThreadId
GlobalHandle
QueryPerformanceCounter
IsDBCSLeadByte
GetSystemDirectoryW
EnumResourceLanguagesW
FindFirstFileA
GetModuleHandleA
FindClose

oleacc

LresultFromObject
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy