General
-
Target
77b183338af3c888039a065f7a7db3cebd759375b531826dae6c366f79a5e2cf
-
Size
127KB
-
Sample
221002-qc6z2ahfep
-
MD5
6f86ac9961395ab5cf5e23ec2a903220
-
SHA1
d838dbe629a0b13dc52110c81779483a34ee3c98
-
SHA256
77b183338af3c888039a065f7a7db3cebd759375b531826dae6c366f79a5e2cf
-
SHA512
bf9267d9ec6da94d64e103870dd8016e511c3a96efc2ec951c17cb69cac2902d6533563f4b3be525c2077363447f16c6f1a9f44f910300937b2d8f1716fd3caa
-
SSDEEP
1536:UEFgWZOiGOuh8B0y47CgTmJ47rFVauqUGcVPTOwSPvbEpFoEW6F:7gWZOiGOuhi747NT97rqmVywS48Z6F
Static task
static1
Behavioral task
behavioral1
Sample
77b183338af3c888039a065f7a7db3cebd759375b531826dae6c366f79a5e2cf.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
77b183338af3c888039a065f7a7db3cebd759375b531826dae6c366f79a5e2cf.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
pony
http://94.32.66.114/forum/viewtopic.php
http://116.122.158.195:8080/forum/viewtopic.php
http://onenyapt.com/forum/viewtopic.php
http://onenyapts.com/forum/viewtopic.php
-
payload_url
http://ftp.gilpin.com/k85495X.exe
http://www.kirassistenze.it/ggsr1z1t.exe
http://privatesavings.ca/T36Fv.exe
Targets
-
-
Target
77b183338af3c888039a065f7a7db3cebd759375b531826dae6c366f79a5e2cf
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-