General
-
Target
017a10811f78555e8b87cd47c18c247860f5ee04e8e1971b895ed5f51cd17a6f.exe
-
Size
118KB
-
Sample
220514-q5lvkaaad5
-
MD5
590c694be1fe24073115a84a242b0eba
-
SHA1
d643630621ad74289943a9592416bccb59220b6a
-
SHA256
017a10811f78555e8b87cd47c18c247860f5ee04e8e1971b895ed5f51cd17a6f
-
SHA512
e96031ad68cac74a63a95d1a49e11b66a87c29e4084ea84cae83e9397243def4f494e60545b9b7f495d915bcee497a68b50b16732912647b9cfe77f33761ddad
Static task
static1
Behavioral task
behavioral1
Sample
017a10811f78555e8b87cd47c18c247860f5ee04e8e1971b895ed5f51cd17a6f.exe
Resource
win7-20220414-en
Malware Config
Extracted
pony
http://frankcremascocabinets.com/forum/viewtopic.php
http://giuseppepiruzza.com/forum/viewtopic.php
http://gordonpoint.biz/forum/viewtopic.php
http://gordonpoint.info/forum/viewtopic.php
-
payload_url
http://kryokontur.fr/EHZhPV.exe
http://myshoppingbusiness.com/ngyLs.exe
http://thoroughbredbuilder.com/dgJpw.exe
http://megajet.fr/jnq14U7.exe
Targets
-
-
Target
017a10811f78555e8b87cd47c18c247860f5ee04e8e1971b895ed5f51cd17a6f.exe
-
suricata: ET MALWARE Fareit/Pony Downloader Checkin 2
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-