9ca67ec06e151aba12d55762829a023b76ef65a3ffd607072146c435d66f2053 | Triage

Submit
Reports

Overview

overview

Static

static

9ca67ec06e...53.exe

windows7-x64

9ca67ec06e...53.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9ca67ec06e151aba12d55762829a023b76ef65a3ffd607072146c435d66f2053.exe

Resource

win7-20220901-en

pony discovery evasion persistence rat spyware stealer upx

windows7-x64

20 signatures

150 seconds

Behavioral task

behavioral2

Sample

9ca67ec06e151aba12d55762829a023b76ef65a3ffd607072146c435d66f2053.exe

Resource

win10v2004-20220812-en

pony discovery evasion persistence rat spyware stealer upx

windows10-2004-x64

22 signatures

150 seconds

General

Target

9ca67ec06e151aba12d55762829a023b76ef65a3ffd607072146c435d66f2053
Size

277KB
MD5

7fcef03454bbea77bc8f6fda9b84a6dd
SHA1

7bedce62f4213ce3dc6600118fa810d36a4be9ec
SHA256

9ca67ec06e151aba12d55762829a023b76ef65a3ffd607072146c435d66f2053
SHA512

980c24478f843816c94b2a2ecc9ae74c52d0f391d1df2a9469122124babcfc47797255dc0d8e4abcfe73cb9c1151188cd57d5d63cf6e798360b1e9b04ce097aa
SSDEEP

6144:197bMUgI92ag3BDbfD/I89EfjUipqIsbvFkB:P7b+I/wr/IIEfjnkxja

Score

N/A

Malware Config

Signatures

Files

9ca67ec06e151aba12d55762829a023b76ef65a3ffd607072146c435d66f2053
.exe windows x86

192388cb719ac9df33324ef4b01d6607

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

kernel32

GlobalAddAtomW
HeapAlloc
SizeofResource
GetProcessHeap
GetProcAddress
EnumResourceLanguagesA
FindNextFileW
FindResourceExA
FormatMessageA
GetCurrentDirectoryA
EnumResourceTypesA
RaiseException
EnumResourceNamesA
GlobalFree
EnumResourceNamesA
InterlockedExchange
HeapFree
LoadResource
GetLastError
SetLastError
MultiByteToWideChar
FindFirstFileA
GetCommandLineA
GetCurrencyFormatA
LocalFree
LockResource
GetModuleHandleA
LoadLibraryW
CloseHandle
FindFirstFileW
Sleep

user32

CharUpperW
MessageBoxA
PeekMessageW
GetWindowThreadProcessId
IsWindowVisible
SetTimer
wsprintfW
CharNextA
GetMessageW
GetWindowTextA
EnumWindows
KillTimer
DispatchMessageA
PostThreadMessageW
LoadStringA
wsprintfA

Sections

.text
Size: 143KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy