b1be5e84e2b095d9682f59eb02215ba3d7f70cacb7aa7f57cfa71a1283c31a94 | Triage

Submit
Reports

Overview

overview

Static

static

b1be5e84e2...94.exe

windows7-x64

b1be5e84e2...94.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

b1be5e84e2b095d9682f59eb02215ba3d7f70cacb7aa7f57cfa71a1283c31a94.exe

Resource

win7-20220812-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b1be5e84e2b095d9682f59eb02215ba3d7f70cacb7aa7f57cfa71a1283c31a94.exe

Resource

win10v2004-20221111-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

b1be5e84e2b095d9682f59eb02215ba3d7f70cacb7aa7f57cfa71a1283c31a94
Size

121KB
MD5

0b730df2b0f5e3de337f29aea6146850
SHA1

31b8345b7f30385590e68802ac1726775b6a0768
SHA256

b1be5e84e2b095d9682f59eb02215ba3d7f70cacb7aa7f57cfa71a1283c31a94
SHA512

d8f7282da4b2733e02cf2197a2ebcab66f1ddd25a0759d6b8209db600091ce6f9dd763ef5a27e9a76c9240d7475fc32ec38dd9f6eb1c3b88242086ea35662423
SSDEEP

1536:LtA1lxcj7SsbXzdeQrgSvaWo1i4yfb7zpx85sLjRQHeBRhAL3w3VrNrWRL5:LGrAtyWoby/z/85a4sRhiC9NWD

Score

N/A

Malware Config

Signatures

Files

b1be5e84e2b095d9682f59eb02215ba3d7f70cacb7aa7f57cfa71a1283c31a94
.exe windows x86

53251b82d9f868f90ce5f3d03728c4b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
ExitProcess
GetDiskFreeSpaceW
VirtualAllocEx
lstrcmpA
GetDiskFreeSpaceW
GetModuleHandleW
lstrcpyW
FindResourceW
WaitForSingleObject
GetPrivateProfileSectionA
GetCurrentDirectoryA
GetACP
SetEnvironmentVariableA
GetExitCodeProcess
GetLongPathNameA
WriteFileEx
GetPrivateProfileIntA
GetStringTypeW
Heap32First
GetPrivateProfileIntA
InterlockedDecrement
LoadLibraryA

apphelp

AllowPermLayer
SdbCreateMsiTransformFile
ApphelpCheckExe
ApphelpCheckIME

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dbg
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy