0d861d0d9fb971c7b9008c411492949b[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1

0d861d0d9f...9b.exe

windows7-x64

0d861d0d9f...9b.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

0d861d0d9fb971c7b9008c411492949b.exe

Resource

win7-20230220-en

pony collection discovery rat spyware stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0d861d0d9fb971c7b9008c411492949b.exe

Resource

win10v2004-20230220-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

General

Target

0d861d0d9fb971c7b9008c411492949b.exe
Size

116KB
MD5

0d861d0d9fb971c7b9008c411492949b
SHA1

1500ae7880f883a69af8085e6937c522aef70ddd
SHA256

5fd5ada405ab028dd8f6c7a6ab44cca681b0ceb29d5834a1b23278a02cd8143e
SHA512

5c7d3d65965c00c7d430a508fd5f6da2af29ca9e66e7249ccf79f66d53e6eb0dce071d603b4a6dc6885b60235c296e59e707750e03b97dfd706a1f2cc886b122
SSDEEP

3072:OzhFEu5OhThsRe8O4wjXeVm3Owv2xXq2:Sb41OR0jXe03Ow+4

Score

1^/10

Malware Config

Signatures

Files

0d861d0d9fb971c7b9008c411492949b.exe
.exe windows x86

7a2ee1b3c8005ec1e8a1b134e603e891

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
DeleteFileA
WriteConsoleW
DeleteFileA
GetModuleHandleW
GetProcessHeap
GetModuleHandleA
Heap32Next
GetStringTypeW
SetFilePointer
HeapFree
GetExitCodeProcess
CreateFileMappingW
GetProcessHeap
GetLastError
GetACP
SetCurrentDirectoryA
HeapCreate
GetShortPathNameW
DeleteFileA
GetStringTypeW
SetEnvironmentVariableA
GetConsoleTitleA

mstscax

DllCanUnloadNow
DllGetTscCtlVer
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dataz
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rs
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy