c5f4e090e46c46905fd61d1b05c2384f5e0915250e126e9a043e9868c8ee361b | Triage

Submit
Reports

Overview

overview

Static

static

c5f4e090e4...1b.exe

windows7-x64

c5f4e090e4...1b.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c5f4e090e46c46905fd61d1b05c2384f5e0915250e126e9a043e9868c8ee361b.exe

Resource

win7-20221111-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

c5f4e090e46c46905fd61d1b05c2384f5e0915250e126e9a043e9868c8ee361b.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

c5f4e090e46c46905fd61d1b05c2384f5e0915250e126e9a043e9868c8ee361b
Size

273KB
MD5

5dbbf97b280a999534e4113d425abba6
SHA1

365c9551a0157da0e16bbd5f37375b5a1845bb7b
SHA256

c5f4e090e46c46905fd61d1b05c2384f5e0915250e126e9a043e9868c8ee361b
SHA512

ffe8813b4d6736b99a49bd69d4323cfb90f880d6cd2bf9862fd7f1c7e116f28f75211cd7329804ed236b5e66d004563b61e5a323e87bfa963e4dbb8b8d2fba73
SSDEEP

6144:gjRfIF2LryMX0d40J2j5ZDEgzfSO5ENj5wHj/K:gjELJ49a1NwD/K

Score

N/A

Malware Config

Signatures

Files

c5f4e090e46c46905fd61d1b05c2384f5e0915250e126e9a043e9868c8ee361b
.exe windows x86

9eebf0209caa047103cd8f1e0c185283

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
GetAtomNameA
GetProcAddress
FreeLibrary
LoadLibraryW
GetVersionExW
GetModuleFileNameW
GlobalSize
LockResource
Sleep
MultiByteToWideChar
GetModuleHandleW
InitializeCriticalSection
GetTickCount
LoadLibraryA
EnumResourceTypesW
MulDiv
GetVersionExA
GetPrivateProfileIntW
FindClose
lstrlenW
GetSystemDirectoryW
DeleteCriticalSection
LoadResource
GetPrivateProfileStringW
WritePrivateProfileStringW
GetLocaleInfoW

shell32

DoEnvironmentSubstA
SHGetFileInfoA
CommandLineToArgvW
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationW
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
Shell_NotifyIconA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy