faf01efa8f5f2143c7fd9aa484e5e9d253b3655794464763f7080b2683dee5a2 | Triage

Submit
Reports

Overview

overview

Static

static

faf01efa8f...a2.exe

windows7-x64

faf01efa8f...a2.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

faf01efa8f5f2143c7fd9aa484e5e9d253b3655794464763f7080b2683dee5a2.exe

Resource

win7-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

faf01efa8f5f2143c7fd9aa484e5e9d253b3655794464763f7080b2683dee5a2.exe

Resource

win10v2004-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

faf01efa8f5f2143c7fd9aa484e5e9d253b3655794464763f7080b2683dee5a2
Size

292KB
MD5

79609e3efdc17683b9a57ebee579d070
SHA1

bf81ac1882d9ed6d2d21c9fb7113409f72e18073
SHA256

faf01efa8f5f2143c7fd9aa484e5e9d253b3655794464763f7080b2683dee5a2
SHA512

fb7ddc1fbb356e039d0a49ec6d70401b758260b6ed301742bc4f7bd2269aa5f68043af71113ff809939f20fbac74b90669989464999ccd55ad044df5f289c879
SSDEEP

6144:2wjEZDM2uh9YRycdv/pnSLzOx64gD3g/rf3Oyh+Ihyb7M2V1U:/S4h9yyUY2ITgTm/Ih0My

Score

N/A

Malware Config

Signatures

Files

faf01efa8f5f2143c7fd9aa484e5e9d253b3655794464763f7080b2683dee5a2
.exe windows x86

1f3d89a21e0887b0867b89c5909eb265

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
GlobalGetAtomNameW
SetStdHandle
WriteConsoleA
VirtualAlloc
GetACP
TlsSetValue
TlsGetValue
GetCPInfo
HeapSize
IsValidCodePage
RtlUnwind
EnumResourceNamesA
HeapReAlloc
GetOEMCP
GetCPInfoExW
GetLocaleInfoA
MultiByteToWideChar
GetConsoleOutputCP
GetTimeFormatA
TlsAlloc
SetFilePointer
RaiseException

occache

FindControlClose

shlwapi

SHCreateStreamOnFileA
PathIsContentTypeA
PathIsFileSpecA
PathAppendA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 139KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy