General
-
Target
3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44
-
Size
120KB
-
Sample
221002-q19qtshcf7
-
MD5
661bbc899325a3f9a01cffae1db53330
-
SHA1
8c33491ca94ce064eed9751b0a72659dd906df4d
-
SHA256
3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44
-
SHA512
4baed49dd57ad118c235a968d12a9d88d7f08251c7df34729cbfc4522dd5e938044eb8f6f243f40e2f3ee1f9a6aa35f8ac5540bbb6506b4288008179bcd4455e
-
SSDEEP
3072:pST2it+zNlzCaVjZwQre7mJBLaHL7vfeIPUjEIvqgzmng:p8rczrCaHZri4BLEWUIvAn
Static task
static1
Behavioral task
behavioral1
Sample
3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://iguttersupply.com/forum/viewtopic.php
http://micromeshleafguard.com/forum/viewtopic.php
http://ornamentalgutters.com/forum/viewtopic.php
http://radiantcarbonheat.com/forum/viewtopic.php
-
payload_url
http://repro2go.com/eS38N33.exe
http://newton-press.co.uk/iZP4.exe
http://www.atorka.de/XxBZKS.exe
Targets
-
-
Target
3d2d29d23a18329e5c12e592f61cb09dd515b9a9a715af22b6e037fe822f8f44
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-