35fa41406dfc18e859d38302ab49ec34f71a13bf5ce16739ee1c25f3e23273ba | Triage

Submit
Reports

Overview

overview

Static

static

35fa41406d...ba.exe

windows7-x64

35fa41406d...ba.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

35fa41406dfc18e859d38302ab49ec34f71a13bf5ce16739ee1c25f3e23273ba.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

35fa41406dfc18e859d38302ab49ec34f71a13bf5ce16739ee1c25f3e23273ba.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

35fa41406dfc18e859d38302ab49ec34f71a13bf5ce16739ee1c25f3e23273ba
Size

118KB
MD5

331aa9894afb8f9e4ead890a4d3d5ab5
SHA1

6128222748a4dc724cf9db9b83ee5fd6e2b602d1
SHA256

35fa41406dfc18e859d38302ab49ec34f71a13bf5ce16739ee1c25f3e23273ba
SHA512

c57ee6eb97ab056a056e172a0822a8c157a836965d51bfdc0a713ee958e31efa4fefb4048010208d391c5b6b361f0e097af5d8ecbe3bbad826f33f9f7a619ac0
SSDEEP

3072:OXkbkTcRAf1639lGiLQznPGlBqhhB0oIhcqp/B:Kv8aiLwnulBqDmoIKW5

Score

N/A

Malware Config

Signatures

Files

35fa41406dfc18e859d38302ab49ec34f71a13bf5ce16739ee1c25f3e23273ba
.exe windows x86

eac38a273d5725d195ab5d401125a19d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReadFile
HeapCreate
GetModuleHandleA
GetFileSize
lstrcatA
FormatMessageW
lstrcpyA
InitializeCriticalSection
GetLastError
SetFileTime
GetExitCodeProcess
GetStartupInfoW
SetFileTime
IsBadWritePtr
LeaveCriticalSection
SetFileTime
CloseHandle
FindResourceW
CreateMutexW
CreatePipe
LoadLibraryA

mstscax

DllUnregisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

user32

PostMessageW
DispatchMessageA
IsWindow
MessageBoxA
GetWindowLongW
GetWindowTextA
PeekMessageW
SetFocus
wsprintfA
PostMessageA
GetWindowRect
IsDialogMessageA
LoadCursorW

clbcatq

SetSetupSave

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rich
Size: 1KB - Virtual size: 193B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ole
Size: 512B - Virtual size: 112B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy