b2f7241ae4081388400274df551f2d2c0499f50125313de82ff35c12358d1373 | Triage

Submit
Reports

Overview

overview

Static

static

b2f7241ae4...73.exe

windows7-x64

b2f7241ae4...73.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b2f7241ae4081388400274df551f2d2c0499f50125313de82ff35c12358d1373.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

21 signatures

150 seconds

Behavioral task

behavioral2

Sample

b2f7241ae4081388400274df551f2d2c0499f50125313de82ff35c12358d1373.exe

Resource

win10v2004-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

b2f7241ae4081388400274df551f2d2c0499f50125313de82ff35c12358d1373
Size

271KB
MD5

3571a335c3d52685a47767d0f08add14
SHA1

b2c5133e4fd027aef8ba1404a89971c36a372d7f
SHA256

b2f7241ae4081388400274df551f2d2c0499f50125313de82ff35c12358d1373
SHA512

d32fdd16523d6b8556dff1569e059f0a424cb734781ac4b3cc71aae7c1eb70f581be9bda49db415dd20d04d8fd0612a190186f12b28b0e56006a1ecd74a3ce8c
SSDEEP

6144:AmD36owTqIe9OgF1b5YlZ9zMnEj5+0XjxZRfCG4m23Zeu+RzZDxE/:AJzq5AfzMnEd+Gj75j4m49+R

Score

N/A

Malware Config

Signatures

Files

b2f7241ae4081388400274df551f2d2c0499f50125313de82ff35c12358d1373
.exe windows x86

e48a32211a5c2ae404db41524e133513

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
WriteConsoleA
GlobalGetAtomNameW
TlsAlloc
GetLocaleInfoA
IsValidCodePage
TlsSetValue
MultiByteToWideChar
GetACP
GetOEMCP
EnumResourceTypesA
SetStdHandle
HeapSize
RtlUnwind
VirtualAlloc
TlsGetValue
GetConsoleOutputCP
SetThreadExecutionState
SetFilePointer
GetTimeFormatA
GetCPInfo
GetDateFormatA
RaiseException

rpcrt4

RpcStringFreeA

user32

DispatchMessageW
LoadStringA
CharNextA
GetDesktopWindow
DispatchMessageA
PeekMessageA
MessageBoxA
wsprintfA

shell32

SHGetDataFromIDListW
ShellExecuteExA
SHGetFileInfoA
DragAcceptFiles
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy