General
Target: 2f3069d84ae69059afc8d538f4cfd3f8e1f03c0f81dfa04a46ee4aa06328fa05
Size: 112KB
Sample: 221002-q7eh9sbagq
MD5: 66fd50d8a33b7aa4314f17de3289d970
SHA1: 9a328eb1bceb3bb8916a59aafdc726c03612e05f
SHA256: 2f3069d84ae69059afc8d538f4cfd3f8e1f03c0f81dfa04a46ee4aa06328fa05
SHA512: b7119efec7ca59708f5173fdbda55c4bb53f7da8d4830d7ed205514c8fb85811424852681e6d7a5654172fba7e399440750e0ed60e3a21d590626fb0b6259c98
SSDEEP: 3072:yQac1VNKZTTzVVu8OdTsCvdQDJP8dkpNFX4m1+1FjlK:yQacgLVVudQCvdO8KpT4m1K
Static task: static1
Behavioral task: behavioral1
Sample: 2f3069d84ae69059afc8d538f4cfd3f8e1f03c0f81dfa04a46ee4aa06328fa05.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 2f3069d84ae69059afc8d538f4cfd3f8e1f03c0f81dfa04a46ee4aa06328fa05.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
pony
http://jacksonvillefloridacommercialrealestate.com/forum/viewtopic.php
http://athleticsrx.ca/forum/viewtopic.php
http://athleticsrx.com/forum/viewtopic.php
http://crossfitshorts.ca/forum/viewtopic.php
-
payload_url
http://test.lmpferrara.com/6gsgXBfC.exe
http://www.anipi-emiliaromagna.it/cPd7p9TV.exe
http://vardanayurvednilayam.com/AnnBd3U.exe
http://jumpsuit.se/tcLub6.exe
Targets
-
-
Target
2f3069d84ae69059afc8d538f4cfd3f8e1f03c0f81dfa04a46ee4aa06328fa05
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-