c0327aa0642e183977cf93e638b06dbd418af640a8371f3c85bd82259df05309 | Triage

Submit
Reports

Overview

overview

Static

static

c0327aa064...09.exe

windows7-x64

c0327aa064...09.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c0327aa0642e183977cf93e638b06dbd418af640a8371f3c85bd82259df05309.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

c0327aa0642e183977cf93e638b06dbd418af640a8371f3c85bd82259df05309.exe

Resource

win10v2004-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

c0327aa0642e183977cf93e638b06dbd418af640a8371f3c85bd82259df05309
Size

274KB
MD5

c26b587672deb10d8d9fc1c082038ae5
SHA1

f3d5609ffb567469f6e86e291c8f793b0b2d7855
SHA256

c0327aa0642e183977cf93e638b06dbd418af640a8371f3c85bd82259df05309
SHA512

4a90ac36ff3c37ad288f10b31508bd0787b112b192365890f3ba364d964784e2e8c8e3d0065ef068254baf7e79366874cf8e8511a62d9778940d6eea4396cbe8
SSDEEP

6144:+bydRhhiWZmd79bJqYzdauPjOCrcP6wRcWiXyb5SBK3V9DR:80QwmdpJlda+AP6wWWiyIBkD

Score

N/A

Malware Config

Signatures

Files

c0327aa0642e183977cf93e638b06dbd418af640a8371f3c85bd82259df05309
.exe windows x86

031adbc0748c543ec29958a712bc9f96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
TlsSetValue
GlobalGetAtomNameW
HeapReAlloc
VirtualAlloc
IsValidCodePage
GetOEMCP
GetCPInfo
RtlUnwind
TlsAlloc
GetTimeFormatA
EnumResourceTypesA
MultiByteToWideChar
SetFilePointer
SetThreadExecutionState
SetStdHandle
HeapSize
GetConsoleOutputCP
WriteConsoleA
TlsGetValue
GetACP
GetLocaleInfoA
RaiseException

shell32

SHGetDataFromIDListW
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
DragAcceptFiles
Shell_NotifyIconA

user32

LoadStringA
DispatchMessageW
CharNextA
DispatchMessageA
MessageBoxA
GetDesktopWindow
PeekMessageA
wsprintfA

rpcrt4

RpcStringFreeA

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy