a208a580e3d5818f2a028d543e502f20f7555e2be56080379b2fd097dcafb6a9 | Triage

Submit
Reports

Overview

overview

Static

static

a208a580e3...a9.exe

windows7-x64

a208a580e3...a9.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

a208a580e3d5818f2a028d543e502f20f7555e2be56080379b2fd097dcafb6a9.exe

Resource

win7-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

a208a580e3d5818f2a028d543e502f20f7555e2be56080379b2fd097dcafb6a9.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

a208a580e3d5818f2a028d543e502f20f7555e2be56080379b2fd097dcafb6a9
Size

286KB
MD5

3b86d158a0f50a1c11d7acdde2d85ab9
SHA1

401be0c621e6fd8c697f4c66d9073a2543c11b98
SHA256

a208a580e3d5818f2a028d543e502f20f7555e2be56080379b2fd097dcafb6a9
SHA512

c7ab8ba77ea72cafd412ed46315d431bb6143a4134c0a9dab72ecfd363610b1cc5f3a64bd18c03c863d6c14e7605838b1a811d7f28e241eedeb89288ea0876cb
SSDEEP

6144:9XDHEFOz3s/B+UnmbTWVIvcckTNULFzHu2FXTayuF8hkXwhW+rm+:xjxZbTW0kTNQurynhQw0cm

Score

N/A

Malware Config

Signatures

Files

a208a580e3d5818f2a028d543e502f20f7555e2be56080379b2fd097dcafb6a9
.exe windows x86

632ae2b8ade532a75d7611af9a2e565c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

InterlockedExchange
GlobalFindAtomA
GetLocaleInfoW
QueryPerformanceCounter
GetTickCount
IsDebuggerPresent
InterlockedCompareExchange
GetModuleHandleW
GetStartupInfoA
GetCurrentThreadId
GetProcessHeap
EnumResourceLanguagesW
TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetPrivateProfileStructW
LocalAlloc
GetCurrentProcess
UnhandledExceptionFilter
VirtualProtect
FoldStringW
DeleteFileW

shlwapi

StrRetToBSTR
PathCreateFromUrlW
PathIsRelativeW
StrCmpIW
PathFindExtensionW
PathAppendW
UrlUnescapeW
UrlCreateFromPathW
PathRemoveFileSpecW
PathCombineW

oleacc

CreateStdAccessibleObject

Sections

.text
Size: 150KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy