951b1c2620ff08980617a1579268088726f2861272df4bf137914c1c8df8de60 | Triage

Submit
Reports

Overview

overview

Static

static

951b1c2620...60.exe

windows7-x64

951b1c2620...60.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

951b1c2620ff08980617a1579268088726f2861272df4bf137914c1c8df8de60.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

951b1c2620ff08980617a1579268088726f2861272df4bf137914c1c8df8de60.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

951b1c2620ff08980617a1579268088726f2861272df4bf137914c1c8df8de60
Size

297KB
MD5

e6415f65d3c1cf8570f2f4bcc51e5b7b
SHA1

128586e0d20d58bdf18cc978a4bd6b07f66f7ff1
SHA256

951b1c2620ff08980617a1579268088726f2861272df4bf137914c1c8df8de60
SHA512

ec56c508f226e35a88343975eaeb74954a82d6221affc45f83088218928b5b108223cb5e7d5e09037738889703788f4e30510dd8617bb6f52d659ef669624363
SSDEEP

6144:TAUDfuXlNzOfr7X/KAcgtKjH12PuyAs7q1faa5hdG5/8HTF:bqVNzgrj/pc4KL12P02q1y/8

Score

N/A

Malware Config

Signatures

Files

951b1c2620ff08980617a1579268088726f2861272df4bf137914c1c8df8de60
.exe windows x86

f5b477469cb9e948f250e3ef53fc29ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameW
HeapSize
GetLocaleInfoA
VirtualAlloc
SetStdHandle
GetCPInfo
TlsAlloc
IsValidCodePage
TlsSetValue
HeapReAlloc
GetConsoleOutputCP
EnumResourceNamesA
MultiByteToWideChar
GetACP
EnumSystemCodePagesA
GetTimeFormatA
GetDateFormatA
RtlUnwind
WriteConsoleA
GetOEMCP
SetFilePointer
TlsGetValue
RaiseException

occache

FindControlClose

shell32

SHGetDataFromIDListW
DragAcceptFiles
SHGetDesktopFolder
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteW
SHAppBarMessage
ShellExecuteExW
SHGetFileInfoW
SHGetMalloc
Shell_NotifyIconW

Sections

.text
Size: 146KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy