General
Target: 4bf9e15f2936e1201a46a45bb182711c.exe
Size: 195KB
Sample: 210716-dhfn7xfv6n
MD5: 4bf9e15f2936e1201a46a45bb182711c
SHA1: 42957d62a81b5765cf23bb266a1f08d50fa8bdb0
SHA256: b218ed444bb65e5b46205b77d875a4cf3029be704b0109d58e3dd20e774c1b93
SHA512: 2b25a9d13a9c46c4d21aca6ec2677b121ad00a7bda966e27e560733e026c76cba60c3658275a43b39cf7498a9ad55d0c6ed91e7d191118b42436a6c2bad15060
Static task: static1
Behavioral task: behavioral1
Sample: 4bf9e15f2936e1201a46a45bb182711c.exe
Resource: win7v20210408
Malware Config
Extracted
pony
http://209.59.216.85/pony/gate.php
http://66.175.218.106/pony/gate.php
-
payload_url
http://ssquarehospitality.com/to04gp5h/ewR7.exe
Targets
Deletes itself
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.