9842ed9ee2acd93c9842cae12632071af7a3138b8daab4db102e6f073c07d432 | Triage

Submit
Reports

Overview

overview

Static

static

9842ed9ee2...32.exe

windows7-x64

9842ed9ee2...32.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9842ed9ee2acd93c9842cae12632071af7a3138b8daab4db102e6f073c07d432.exe

Resource

win7-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

9842ed9ee2acd93c9842cae12632071af7a3138b8daab4db102e6f073c07d432.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

9842ed9ee2acd93c9842cae12632071af7a3138b8daab4db102e6f073c07d432
Size

286KB
MD5

b0ed88e2e7f0393edf30857da56baad8
SHA1

507575b4a27cce899d9331e865e0d7d31a880638
SHA256

9842ed9ee2acd93c9842cae12632071af7a3138b8daab4db102e6f073c07d432
SHA512

3758001efffa0aac338307ca034d9500d69e951413fad48aec3a48d704a4c8d4aa20008c51ab0d32e7eab47d1cd327e9a8dbd644a55dd972fba0c42820e1b691
SSDEEP

6144:qAlWw0TYX8WsiRN9MF0fhRRjVoiYNipzl2leeJYLoBhu3rScw:qLPWz2F0zRjVoiY8lKlYLyhu3+cw

Score

N/A

Malware Config

Signatures

Files

9842ed9ee2acd93c9842cae12632071af7a3138b8daab4db102e6f073c07d432
.exe windows x86

34c6965b3c6756da26ff5dea92b0b400

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
TerminateProcess
HeapSize
GetSystemTimeAsFileTime
FreeLibrary
HeapReAlloc
IsDebuggerPresent
SetFilePointer
WriteConsoleA
IsValidCodePage
GetDateFormatA
WriteFile
GetLocaleInfoA
GetCPInfo
EnumResourceNamesA
GetCurrentProcessId
SetStdHandle
GetStringTypeW
GetConsoleOutputCP
GetOEMCP
InitializeCriticalSection
RtlUnwind
GetTimeFormatA
LoadLibraryA
SetUnhandledExceptionFilter
GetACP
MultiByteToWideChar
UnhandledExceptionFilter
RaiseException

shlwapi

SHCreateStreamOnFileW
PathIsContentTypeA
PathAppendA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 142KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy