General
Target: aef418e48c31abad7bec388db2b107bf4f819aa5513d64a62a277f18bea4836a
Size: 119KB
Sample: 221002-prw8psgehl
MD5: 6f06de983979a2b85f2fca0946d29cf0
SHA1: 9b17f3d4c1574547b5f56bd8e0c33705f2e167ce
SHA256: aef418e48c31abad7bec388db2b107bf4f819aa5513d64a62a277f18bea4836a
SHA512: bd83852baeeefe6647484d9c2c004177a9156548908b61152ccd955aacc7199181b575656dd13a1ce9d812955bf64aac1ac37663c150abcba98543f019df969a
SSDEEP: 1536:1iN4ovYORRZpwhApD5tOO/Mb4CDViCf5tUKHUQPib40kyvrdw3ezEf2YvGvytEig:1ip4b4Uzf5MKyvImMEytE5zz6w
Static task: static1
Behavioral task: behavioral1
Sample: aef418e48c31abad7bec388db2b107bf4f819aa5513d64a62a277f18bea4836a.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: aef418e48c31abad7bec388db2b107bf4f819aa5513d64a62a277f18bea4836a.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
pony
http://talentos.clicken1.com:81/forum/viewtopic.php
http://panama.clicken1.com:81/forum/viewtopic.php
http://monteazul.clicken1.com:81/forum/viewtopic.php
http://199.168.184.198:81/forum/viewtopic.php
payload_url
http://cosmobit.gr/y9m.exe
http://rol.dcp.com.mx/kSbh1.exe
http://www.lemon-curry.de/vPEDUuR.exe
Targets
Target: aef418e48c31abad7bec388db2b107bf4f819aa5513d64a62a277f18bea4836a
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.