9391c2c19bc74adca440497177ddaa63e650deb8ff86821059d43797ed234362 | Triage

Submit
Reports

Overview

overview

Static

static

9391c2c19b...62.exe

windows7-x64

9391c2c19b...62.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

9391c2c19bc74adca440497177ddaa63e650deb8ff86821059d43797ed234362.exe

Resource

win7-20221111-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

9391c2c19bc74adca440497177ddaa63e650deb8ff86821059d43797ed234362.exe

Resource

win10v2004-20221111-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

9391c2c19bc74adca440497177ddaa63e650deb8ff86821059d43797ed234362
Size

127KB
MD5

06980320a25d0f1c4b89294eeb00efc0
SHA1

c44bebe1806b230c033ececf9c2f85029d4db5d5
SHA256

9391c2c19bc74adca440497177ddaa63e650deb8ff86821059d43797ed234362
SHA512

3aed5861fc8b690eefac88c5d80ff09c022beb53140c5ac29e0bbcc1b65aa16e5955f23ccccc938d50b2f5d7d5898bcb3abfa0b9ca193709ebd16d8ee0b60a4d
SSDEEP

3072:a6lAvKnpXu8N6F1+hb+oSP0XYBVIDsmBEbVcHiFnsrj1:GcFNbb4aqlmBEbVc4aj1

Score

N/A

Malware Config

Signatures

Files

9391c2c19bc74adca440497177ddaa63e650deb8ff86821059d43797ed234362
.exe windows x86

a915661b6489d6d34440de20853e02b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceW
InterlockedDecrement
GetModuleHandleW
VirtualAllocEx
FindResourceW
GetPrivateProfileIntA
GetPrivateProfileIntA
LoadLibraryA
Heap32First
GetDiskFreeSpaceW
lstrcpyW
lstrcmpA
WaitForSingleObject
GetACP
GetPrivateProfileSectionA
ExitProcess
GetStringTypeW
WriteFileEx
SetEnvironmentVariableA
GetLongPathNameA
GetCurrentDirectoryA
GetExitCodeProcess
InterlockedIncrement

apphelp

SdbCreateMsiTransformFile
ApphelpCheckIME
ApphelpCheckExe
AllowPermLayer

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy