General
-
Target
161b2315de45b24630acb1272fdca0f1d5e942cdca429b131a66ff40cd2283eb
-
Size
89KB
-
Sample
221002-2xlqdaecf9
-
MD5
63368e65792b42060d5b9dffef5ae876
-
SHA1
d5bb7c41038093994917ff11c8d0bccdb94a4aef
-
SHA256
161b2315de45b24630acb1272fdca0f1d5e942cdca429b131a66ff40cd2283eb
-
SHA512
1c50205aa1c17ce6bb9063a2d75d423e0d363711b5c2dafe384f6906ee0d009efd51fe14077150ea3e109c8b8c70ef3d762b0408a3063b53d5b4e83d81bd422f
-
SSDEEP
1536:3F83OHuDbqTFvYw1ntYbhIsmmYmXSQfLZiFuLCTGUadwlHKZODwQdTv0EIOkzZfa:V8DmntYbhIsmmYmFfLZO6CTGUadfODsS
Behavioral task
behavioral1
Sample
161b2315de45b24630acb1272fdca0f1d5e942cdca429b131a66ff40cd2283eb.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://204.145.81.43/pony/gate.php
http://204.145.81.46/pony/gate.php
-
payload_url
Targets
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-