8a3a2189f59de5ff8b54ad29de20d1035483df6be3e89c388c0a5246216d0c05 | Triage

Submit
Reports

Overview

overview

Static

static

8a3a2189f5...05.exe

windows7-x64

8a3a2189f5...05.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

8a3a2189f59de5ff8b54ad29de20d1035483df6be3e89c388c0a5246216d0c05.exe

Resource

win7-20220901-en

pony discovery persistence rat spyware stealer upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

8a3a2189f59de5ff8b54ad29de20d1035483df6be3e89c388c0a5246216d0c05.exe

Resource

win10v2004-20221111-en

pony discovery persistence rat spyware stealer upx

windows10-2004-x64

11 signatures

150 seconds

General

Target

8a3a2189f59de5ff8b54ad29de20d1035483df6be3e89c388c0a5246216d0c05
Size

79KB
MD5

040683c1f75ed75041dc1341e013a3f5
SHA1

4c015b26677577a4501d2d7886e043f9cdcbeb1e
SHA256

8a3a2189f59de5ff8b54ad29de20d1035483df6be3e89c388c0a5246216d0c05
SHA512

785be2a0316d8bbac905f21f688d1ccdca03b9511d9021cc63ad9f366116697f4644446c58bdd08208962ff8152f6d6e7a51864f52bb02d1fe6ba1c9e9439c0b
SSDEEP

1536:0zDIVKNQxYQRPz4C7AdEnRW3kwpxNBurDMj/ryvdIPpmlydo0xGnMKAH4Vq1:ZKNQ9RPMC7AsRW0wpxn+DMDrMIPp6yqI

Score

N/A

Malware Config

Signatures

Files

8a3a2189f59de5ff8b54ad29de20d1035483df6be3e89c388c0a5246216d0c05
.exe windows x86

f7015f33371f4825d710818cc0f205e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetForegroundWindow
IsCharAlphaNumericW

kernel32

lstrcmpiW

Exports

Exports

?FinanceAssist@@YGGPAUHKEY__@@PAUHPALETTE__@@@Z

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.t1
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t2
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.t4
Size: 1024B - Virtual size: 759B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy