9175cc86631e3c116b1a647786028c2d23f5846d11b5dd75a0e722dba2eadeee | Triage

Submit
Reports

Overview

overview

Static

static

9175cc8663...ee.exe

windows7-x64

9175cc8663...ee.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9175cc86631e3c116b1a647786028c2d23f5846d11b5dd75a0e722dba2eadeee.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

9175cc86631e3c116b1a647786028c2d23f5846d11b5dd75a0e722dba2eadeee.exe

Resource

win10v2004-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

9175cc86631e3c116b1a647786028c2d23f5846d11b5dd75a0e722dba2eadeee
Size

279KB
MD5

4a1e8ad5bd2c88ed09bc0fc5c88c396e
SHA1

41d08bdbd42d0a871bd079a3973b07b6986665bf
SHA256

9175cc86631e3c116b1a647786028c2d23f5846d11b5dd75a0e722dba2eadeee
SHA512

df4f761f28522bb207a456e8af44c6586b2a407f090f01c847af5968d829fc3d75843388fe4f73a2f04ba8055f99c8792ace4657e6b3c7ade5a8849ca96451f2
SSDEEP

6144:SnkPgMEPUCRUOzrRGQKLig+Eo5y4Jj+JMkjwlq3V:SnweMCRvrwQED+Eo1kJPHV

Score

N/A

Malware Config

Signatures

Files

9175cc86631e3c116b1a647786028c2d23f5846d11b5dd75a0e722dba2eadeee
.exe windows x86

22953eb94b612a6d9afcbbd5b524ca57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
CreateFileA
GetEnvironmentStrings
GetDiskFreeSpaceA
AddAtomW
IsBadReadPtr
LCMapStringA
SetUnhandledExceptionFilter
GetCPInfo
IsBadCodePtr
GetStringTypeW
UnhandledExceptionFilter
GetFullPathNameA
FreeEnvironmentStringsA
EnumResourceNamesA
GetOEMCP
GetStringTypeA
FlushFileBuffers
GetFileAttributesA
SetStdHandle
GetEnvironmentStringsW
WriteFile
ReadFile
SetFilePointer
FreeEnvironmentStringsW
GetStringTypeExA
LCMapStringW
GetThreadLocale
FindFirstFileA
VirtualProtect
MulDiv

shlwapi

SHGetInverseCMAP
PathIsContentTypeA
PathIsFileSpecA
SHCreateStreamOnFileEx
PathAppendA
PathCreateFromUrlW

rpcrt4

RpcStringFreeA

Sections

.text
Size: 136KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy