General
-
Target
ab7ce61f502f2573da50c01362db519ec024f7c29179cd153f85c5ae79e04612
-
Size
114KB
-
Sample
221001-2agg5shhg3
-
MD5
648f63127d31256a8ab7ec71cdd3e32d
-
SHA1
a961350a803ef309d2b446f5f0e437a68860294b
-
SHA256
ab7ce61f502f2573da50c01362db519ec024f7c29179cd153f85c5ae79e04612
-
SHA512
6060894898f082f24869335beccc3b0e10a7bf50903f946247302a96b7f64eff8843012bd20ed591698e4c13b6e3b6768e59d3fb35c70f116de7ddcf31d3cb60
-
SSDEEP
3072:2+Iks/HZSnwQpwQsO77kDwpIAMTxaoCkXkcrl8O9Eehk8WLAY1C:2+I//cnw49Py+JMTxhCjOKe+UY
Static task
static1
Behavioral task
behavioral1
Sample
ab7ce61f502f2573da50c01362db519ec024f7c29179cd153f85c5ae79e04612.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
ab7ce61f502f2573da50c01362db519ec024f7c29179cd153f85c5ae79e04612.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://rockims.com/forum/viewtopic.php
http://saltlakecityutahcommercialrealestate.com/forum/viewtopic.php
http://utahbankownedhomesonline.info/forum/viewtopic.php
http://utahonlinerealestate.com/forum/viewtopic.php
-
payload_url
http://jaycees.co.uk/zHHgp2.exe
http://upcomingfunerals.com/oBTASWtn.exe
http://familiapaixao.coconet-us.com/tmMTo.exe
http://www.maschinen.be/gMYiQdv.exe
Targets
-
Target
ab7ce61f502f2573da50c01362db519ec024f7c29179cd153f85c5ae79e04612
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-