General
Target: 38994ecc32b9ed7ea6e3356a14249321f3d8d1d919eaa880d7303b5bb15433e2
Size: 95KB
Sample: 221002-q39hvaahcr
MD5: 668b7123b479230533fc39c947d3e940
SHA1: 40dd96f1c9060ab3a40ffcb836fabeaec8efd6b2
SHA256: 38994ecc32b9ed7ea6e3356a14249321f3d8d1d919eaa880d7303b5bb15433e2
SHA512: 2f35c817252370889770a2e6a48bd88fa98ac40203163577ec0f8a1780d68a93ad016f44c9cbf91c6d213613a9d2ab430265ce2ebc2c146b86c236552392468b
SSDEEP: 1536:mbx0UXVZOXROVG5KW1mcjtNyyLJTMrh811ya4ErxAznQg3UhHV99ZtauyG+:kNOXR4G5H3NjTMC1NBgEjfxyG
Static task: static1
Behavioral task: behavioral1
Sample: 38994ecc32b9ed7ea6e3356a14249321f3d8d1d919eaa880d7303b5bb15433e2.exe
Resource: win7-20220812-en
Malware Config
Extracted
pony
http://kdsogeu.pw:4915/way/like.php
http://mgfdkfy.pw:4915/way/like.php
Targets
Target
38994ecc32b9ed7ea6e3356a14249321f3d8d1d919eaa880d7303b5bb15433e2
Drops file in Drivers directory

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Accesses Microsoft Outlook accounts

Accesses Microsoft Outlook profiles

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.