9d412efb648bd38b8e5a837fed4741916023275fb995f7bf34b5f51ef4d03ab3 | Triage

Submit
Reports

Overview

overview

Static

static

9d412efb64...b3.exe

windows7-x64

9d412efb64...b3.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

9d412efb648bd38b8e5a837fed4741916023275fb995f7bf34b5f51ef4d03ab3.exe

Resource

win7-20221111-en

pony discovery rat spyware stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

9d412efb648bd38b8e5a837fed4741916023275fb995f7bf34b5f51ef4d03ab3.exe

Resource

win10v2004-20221111-en

pony discovery rat spyware stealer

windows10-2004-x64

5 signatures

150 seconds

General

Target

9d412efb648bd38b8e5a837fed4741916023275fb995f7bf34b5f51ef4d03ab3
Size

90KB
MD5

4aec2092a31cb381f5dc4be1becd0a0f
SHA1

f4fcac5c094a373edb230a0f4443304e1bfecff5
SHA256

9d412efb648bd38b8e5a837fed4741916023275fb995f7bf34b5f51ef4d03ab3
SHA512

31603dec306f77e861766daf032de71dd3eab8911d08882ab6fdf2f8060182918eef3fb1882bac20ab4bb22e7281b12e1193bc80bf3b7621ff76c52e0df10800
SSDEEP

1536:0Lm0V+id/LNuydELEuX4YWtCvEbcdSW66f92myLtqknHsi17fmRbZw:im0V+id/LTjuDpsNif9DyLU8H9Nm4

Score

N/A

Malware Config

Signatures

Files

9d412efb648bd38b8e5a837fed4741916023275fb995f7bf34b5f51ef4d03ab3
.exe windows x86

d341bcf8eb2d1be7b162c3150103e7a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursorPos
CreateMenu
CheckMenuItem
DestroyMenu
GetTopWindow
GetDC
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
ReleaseDC

gdi32

SelectPalette
DeleteObject
CreateBitmap

oleaut32

VarBoolFromStr
VarUI4FromStr

kernel32

EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLastError
GetSystemTime
InitializeCriticalSection
GlobalAlloc
GetSystemInfo
GlobalFree
LoadLibraryA
FreeLibrary
HeapAlloc
HeapCreate
GetLocalTime

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy