aa4f441e679b9d5b92ac99fc17d9d39b76896fd4e9e6c211213f53c2c52905bb | Triage

Submit
Reports

Overview

overview

Static

static

aa4f441e67...bb.exe

windows7-x64

aa4f441e67...bb.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

aa4f441e679b9d5b92ac99fc17d9d39b76896fd4e9e6c211213f53c2c52905bb.exe

Resource

win7-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

aa4f441e679b9d5b92ac99fc17d9d39b76896fd4e9e6c211213f53c2c52905bb.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

aa4f441e679b9d5b92ac99fc17d9d39b76896fd4e9e6c211213f53c2c52905bb
Size

270KB
MD5

cc79f89369e8920c862057196248ed47
SHA1

1e24891689dde9ea18f555b549298e97d2f78a15
SHA256

aa4f441e679b9d5b92ac99fc17d9d39b76896fd4e9e6c211213f53c2c52905bb
SHA512

cfa7a3a6d62172f66b4957ef4610b8a9d5c1a1e40e8a93032a55b8bb95970f3d3f1e7dc56fcd17a7ed0761a70477a200b3a3600100ce5012adb179b9a8adf293
SSDEEP

6144:1AWmaGT0oQdaMAwMyrvf5AJ4nuwVNnnts1KtM1ZwxQuydYHVLVC:uaUQcgtZnuwVNnUZHt610

Score

N/A

Malware Config

Signatures

Files

aa4f441e679b9d5b92ac99fc17d9d39b76896fd4e9e6c211213f53c2c52905bb
.exe windows x86

f1bfedeadbdbecc75644446fccda9537

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

setupapi

CM_Get_Depth_Ex
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

TlsFree
GetStdHandle
HeapSize
GetSystemInfo
AddAtomA
SetLastError
SetEndOfFile
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualFree
HeapCreate
GetEnvironmentStringsW
GetStartupInfoA
TlsGetValue
EnumResourceNamesA
GetFileType
GetVersionExA
TerminateProcess
TlsSetValue
IsBadWritePtr
TlsAlloc
GetModuleFileNameA
VirtualAlloc
GetACP
GetLocaleInfoA
IsBadStringPtrW
GetCurrentProcess
GetEnvironmentStrings
InterlockedExchange
SetHandleCount
UnhandledExceptionFilter

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy