d0b2edc3432b896aa7a1a2aefb6efdf6e3161b775410f1f6464339c3ebe5bae0 | Triage

Submit
Reports

Overview

overview

Static

static

d0b2edc343...e0.exe

windows7-x64

d0b2edc343...e0.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

d0b2edc3432b896aa7a1a2aefb6efdf6e3161b775410f1f6464339c3ebe5bae0.exe

Resource

win7-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

d0b2edc3432b896aa7a1a2aefb6efdf6e3161b775410f1f6464339c3ebe5bae0.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

d0b2edc3432b896aa7a1a2aefb6efdf6e3161b775410f1f6464339c3ebe5bae0
Size

274KB
MD5

0a13f05b8e3a95cc0ed58902c2c089c0
SHA1

5e824c1434330b698367068da63f8d2bec53aba8
SHA256

d0b2edc3432b896aa7a1a2aefb6efdf6e3161b775410f1f6464339c3ebe5bae0
SHA512

f544e949e1efce5a32c90abfb8064619603727e91a62be06e6dca1cef2cf52a844a62e9b0d2876438de3cd70f49c4f5fc342b671d367f654cb30985917f9be86
SSDEEP

6144:DQ7vayfG7XpuEIIuqw7eDBRPl1Lsz+/zmBv5fVH94opqEMr:87b+VumJDBuyrgVzTqj

Score

N/A

Malware Config

Signatures

Files

d0b2edc3432b896aa7a1a2aefb6efdf6e3161b775410f1f6464339c3ebe5bae0
.exe windows x86

4064bc5d6cfc95a2f641c539d4e811bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetTimer
GetMessageA
LoadStringA
DispatchMessageA
KillTimer
wsprintfW
GetWindowThreadProcessId
PostThreadMessageA
CharUpperA
GetWindowTextA
MessageBoxA
CharNextA
PeekMessageA
EnumWindows
IsWindowVisible
wsprintfA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GlobalAddAtomW
FindFirstFileW
HeapAlloc
GetLastError
GlobalFree
InterlockedExchange
LocalFree
HeapFree
GetModuleHandleW
EnumResourceNamesW
FindNextFileA
LockResource
FindFirstFileA
FormatMessageW
EnumResourceNamesA
GetProcAddress
LoadLibraryA
SetLastError
GetCommandLineW
FindResourceExW
SizeofResource
GetProcessHeap
GetCurrentDirectoryW
CloseHandle
GetDateFormatA
EnumResourceLanguagesW
MultiByteToWideChar
LoadResource
EnumResourceTypesW
RaiseException
Sleep

Sections

.text
Size: 138KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy