General
Target: d5ebc1dfd2b9f7e322dc802f390a8be0ecb17c667c90e68c75255ffef73d0721
Size: 114KB
Sample: 221002-pbn76afgfp
MD5: 679ccf0d1d1f9d0a9cbc08edbdc6fd60
SHA1: adb96b5c3114628e6e3ff078da8f582159f1c9e2
SHA256: d5ebc1dfd2b9f7e322dc802f390a8be0ecb17c667c90e68c75255ffef73d0721
SHA512: cda37a5a1e2892343735b8c2ef2d15270633e600738da6d339ec3be8a57ad00f38e9180312408692dbfcd80120c6e0a6951734f9dede7640972a21fdbae62f3f
SSDEEP: 3072:gLXV2sVB3kKs10c6h7xQGKq0BD6MURkZ5MX:5s5seph7xQG26MZ+
Static task: static1
Behavioral task: behavioral1
Sample: d5ebc1dfd2b9f7e322dc802f390a8be0ecb17c667c90e68c75255ffef73d0721.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: d5ebc1dfd2b9f7e322dc802f390a8be0ecb17c667c90e68c75255ffef73d0721.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
pony
http://beachfrontconcierge.com/ponyb/gate.php
http://dinneraffairs.com/ponyb/gate.php
http://douglasvillestorage.com/ponyb/gate.php
http://herblade.com/ponyb/gate.php
payload_url
http://gaiahpl.com/QQuAzs.exe
http://kandu.de/7qW5tXSm.exe
http://s252653471.onlinehome.us/SPJYZe.exe
Targets
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.