f1cf96c3d2f53053d6a4db5b3171fdd9a2651e114b5056f8ea8853e0ad91aef2 | Triage

Submit
Reports

Overview

overview

Static

static

f1cf96c3d2...f2.exe

windows7-x64

f1cf96c3d2...f2.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

f1cf96c3d2f53053d6a4db5b3171fdd9a2651e114b5056f8ea8853e0ad91aef2.exe

Resource

win7-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

f1cf96c3d2f53053d6a4db5b3171fdd9a2651e114b5056f8ea8853e0ad91aef2.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

f1cf96c3d2f53053d6a4db5b3171fdd9a2651e114b5056f8ea8853e0ad91aef2
Size

283KB
MD5

63fe64c62437e3c58b49c0524275dacc
SHA1

30a0e544b79c11bb6a62bb0cfba9b0645dfff7ed
SHA256

f1cf96c3d2f53053d6a4db5b3171fdd9a2651e114b5056f8ea8853e0ad91aef2
SHA512

abc9039671148cdc7a2593134feb3e80d0b026292707cd3aa95ce46bca8c95d06fc96e1b42dbf99e0884ee1d377940c6eb1d181ac00c8ac16d8dc5a1fc2fb230
SSDEEP

6144:w7vXDRS0wfOxqpBW8gto5ZsdZjJMQcYWqz9t/Qs/FvN5c1:ivdS9OxqpBDgOAZV11n9trvN5

Score

N/A

Malware Config

Signatures

Files

f1cf96c3d2f53053d6a4db5b3171fdd9a2651e114b5056f8ea8853e0ad91aef2
.exe windows x86

149c53b5b11e45f59f5e3986bfdf001b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetConsoleOutputCP
TlsSetValue
TlsAlloc
RtlUnwind
GetACP
VirtualAlloc
WriteConsoleA
HeapSize
GetCPInfo
SetStdHandle
GetLocaleInfoA
EnumResourceNamesA
GetTimeFormatA
TlsGetValue
SetFilePointer
GetModuleHandleW
GetOEMCP
HeapReAlloc
GetDateFormatA
MultiByteToWideChar
IsValidCodePage
RaiseException

occache

FindControlClose

shell32

SHGetFolderLocation
SHGetMalloc
ShellExecuteExW
SHBrowseForFolderW
DragAcceptFiles
SHGetFileInfoW
ShellExecuteW
SHGetDesktopFolder
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListW
Shell_NotifyIconW

Sections

.text
Size: 130KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy