General
Target: 8cb4700eaf50f574e6637160dfe78edfc7c2e80007aaa2d69085e37d3d254e3f
Size: 115KB
Sample: 221002-p5f4mshcbj
MD5: 403507b1f057f51e87180d69dce2ab40
SHA1: ca11cd7040c99b70f96afc974786b1f6dd4a5997
SHA256: 8cb4700eaf50f574e6637160dfe78edfc7c2e80007aaa2d69085e37d3d254e3f
SHA512: ccd5de65b0b7b7b4cb44a16e8807c47ee7d4579efe7688167b6570e135472424dac8e2cd9f1ff7c29e44561a3c6a5373a7c5eea5c3f6d4d8f6ab6be1448f9d4d
SSDEEP: 1536:dlMb30JHs7lmz77juao2bGxXVVSDHJjTPZquxFb3T0WCMrRhy0vB7CXxkS:dl63dRmzKZtRVkhTBtFfrrB
Static task: static1
Behavioral task: behavioral1
Sample: 8cb4700eaf50f574e6637160dfe78edfc7c2e80007aaa2d69085e37d3d254e3f.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8cb4700eaf50f574e6637160dfe78edfc7c2e80007aaa2d69085e37d3d254e3f.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
pony
http://800fragrances.com/forum/viewtopic.php
http://aeroliteluggage.com/forum/viewtopic.php
http://aerotechluggage.com/forum/viewtopic.php
http://babysurplusshop.com/forum/viewtopic.php
-
payload_url
http://charlemonttv.com/amfK.exe
http://project5.ignitee.com/7rq7.exe
http://www.inmagonzalez.com/9NMJ.exe
Targets
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-