General
-
Target
8f69bafe363767592de67f48c47ea4441eccc8cff265fad9d1f2f513ff051d15
-
Size
114KB
-
Sample
221001-2epdjsbddl
-
MD5
7496660fce886f9597184d1d1a4e6533
-
SHA1
f15a375c2259a45a9ca8b6315985b48e50a116dc
-
SHA256
8f69bafe363767592de67f48c47ea4441eccc8cff265fad9d1f2f513ff051d15
-
SHA512
91517476ce5b3d79b4609815187fec99017e8eb1fb2485321eba7fd3d4d90f36a3e0bf9bbc79af7afd2302133387ae991919814e568a98c61d60c99c590aa0ee
-
SSDEEP
3072:dbIuIOiogpYYURe3f1MMqumss8Ay/tnb7RB2R7ayOMreztr:dbIuIsgpmRD/ssABL2FayOMCzt
Static task
static1
Behavioral task
behavioral1
Sample
8f69bafe363767592de67f48c47ea4441eccc8cff265fad9d1f2f513ff051d15.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8f69bafe363767592de67f48c47ea4441eccc8cff265fad9d1f2f513ff051d15.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://199.168.184.198:81/forum/viewtopic.php
http://116.122.158.195:8080/forum/viewtopic.php
http://maine-munchies.com/forum/viewtopic.php
http://thecaviarofmaine.com/forum/viewtopic.php
-
payload_url
http://www.sabrinahotel.it/bZ3f.exe
http://summithill.kaaswilson.com/Nb2Yyi.exe
http://ftp.highimpact-signs.com/t2E.exe
http://classicallyabsurdphotography.com/ySL74.exe
Targets
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-