General
Target: 8c39be23d5d51d8864544d63f9dbf5dd60b80fb8db4bded8dfd991dc9f273ccd
Size: 121KB
Sample: 221002-m5yycadfdl
MD5: 6386db4ab0329123c43d65dc6bb47ab0
SHA1: 599a280254cd87a4ae185d44dd4fae522c0c5c3b
SHA256: 8c39be23d5d51d8864544d63f9dbf5dd60b80fb8db4bded8dfd991dc9f273ccd
SHA512: 99614201f26e14378fdb5a91f6ebdfdd07c688f86a333aec5649b57d94722c47b251fbb2f928caa94f406f6c6208763d4ba0f19a42d7652c465ba57ade6a56ef
SSDEEP: 3072:QtJTwIDSW2s0BJCMkNoxxFtWHPFgkYQ0DWDnk2FaBJ0/HCNPD:c0+MzxOHPukYDDWBmC/ipD
Static task: static1
Behavioral task: behavioral1
Sample: 8c39be23d5d51d8864544d63f9dbf5dd60b80fb8db4bded8dfd991dc9f273ccd.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8c39be23d5d51d8864544d63f9dbf5dd60b80fb8db4bded8dfd991dc9f273ccd.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
pony
http://staffcaddie.net/forum/viewtopic.php
http://staffcaddie.org/forum/viewtopic.php
http://convertdebtintocash.com/forum/viewtopic.php
http://davidbarker.us/forum/viewtopic.php
payload_url
http://globaldoesitall.com/hPr0.exe
http://derricoassociati.it/rjrtYyw5.exe
http://9ain.net/easm1.exe
http://alteredspaces.ca/sUDtTvrR.exe
Targets
Target: 8c39be23d5d51d8864544d63f9dbf5dd60b80fb8db4bded8dfd991dc9f273ccd
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.