b7d086c446cb8f6f70535943a25ae692fbfe2eb8d679c2de4a6df30d82c11dec | Triage

Submit
Reports

Overview

overview

Static

static

b7d086c446...ec.exe

windows7-x64

b7d086c446...ec.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b7d086c446cb8f6f70535943a25ae692fbfe2eb8d679c2de4a6df30d82c11dec.exe

Resource

win7-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

b7d086c446cb8f6f70535943a25ae692fbfe2eb8d679c2de4a6df30d82c11dec.exe

Resource

win10v2004-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

b7d086c446cb8f6f70535943a25ae692fbfe2eb8d679c2de4a6df30d82c11dec
Size

271KB
MD5

528d6ae943de760669331739329b8f52
SHA1

55b61e809fefa78bacef3bd8d164644a3ff75687
SHA256

b7d086c446cb8f6f70535943a25ae692fbfe2eb8d679c2de4a6df30d82c11dec
SHA512

8787335becb63a60c5f44239146bd5dff16ea58cef3d4b48c79e4e0e381a31d23f55ae17ad93f72527a68a4489ba0ee86a0ac5c3cd03853ef93fa9ba8c7643bb
SSDEEP

6144:qZvgp4laVeT8o3y/lKKHyK5dKyzI3tdbGFvI3RLI:YvgGl17+KKHyn2etdbGm39I

Score

N/A

Malware Config

Signatures

Files

b7d086c446cb8f6f70535943a25ae692fbfe2eb8d679c2de4a6df30d82c11dec
.exe windows x86

1f6eeb95bed1b231dac81da9623e6eeb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringW
LoadResource
MulDiv
GlobalGetAtomNameA
Sleep
GlobalSize
LoadLibraryA
GetVersionExA
GetPrivateProfileStringW
GetPrivateProfileIntW
DeleteCriticalSection
LoadLibraryW
EnumResourceTypesA
FindClose
InitializeCriticalSection
FindFirstFileW
lstrlenW
GetTickCount
FreeLibrary
LockResource
MultiByteToWideChar
GetDllDirectoryW
GetVersionExW
GetProcAddress
GetModuleFileNameW
GetModuleHandleW
GetLocaleInfoW

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

DllGetVersion
SHGetFileInfoA
ShellExecuteW
SHFileOperationW
SHGetPathFromIDListA
CommandLineToArgvW
ShellExecuteExA
ShellExecuteExW
SHBrowseForFolderA
SHGetFolderPathW
Shell_NotifyIconA

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy