General
-
Target
58850268bff9639579bec2bf0b3671a8abc41182706a6f1608fb3f7213db8072
-
Size
123KB
-
Sample
221002-qqlw1sacej
-
MD5
66a00999048400d6cad08a727289c750
-
SHA1
2e97827e51f577d85d7faffc6267d1fceff18b39
-
SHA256
58850268bff9639579bec2bf0b3671a8abc41182706a6f1608fb3f7213db8072
-
SHA512
39ce77953de167355cb04f7cb43965cb465225e03dd7f7a3f664c25ad33318fae7c6483776980a5940649ba03ace23fbd697a713e7d513540647b0ed87fd235f
-
SSDEEP
3072:XhaVOOlL1N9NEBCnqw8BPpFD/bMQhdcR2eVTnvFbTr:RZ8BNLXtyJMQhoVh
Static task
static1
Behavioral task
behavioral1
Sample
58850268bff9639579bec2bf0b3671a8abc41182706a6f1608fb3f7213db8072.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
58850268bff9639579bec2bf0b3671a8abc41182706a6f1608fb3f7213db8072.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
pony
http://94.32.66.114/forum/viewtopic.php
http://116.122.158.195:8080/forum/viewtopic.php
http://sunspf.com/forum/viewtopic.php
http://therapygels.com/forum/viewtopic.php
-
payload_url
http://marklawllc.com/1WJisq18/i9xnd1s.exe
http://roseoptik.de/8K7Tk3bV/ZBRgQ.exe
http://aletharadio.com/yD4r4Y1h/88hJ.exe
Targets
-
-
Target
58850268bff9639579bec2bf0b3671a8abc41182706a6f1608fb3f7213db8072
-
Size
123KB
-
MD5
66a00999048400d6cad08a727289c750
-
SHA1
2e97827e51f577d85d7faffc6267d1fceff18b39
-
SHA256
58850268bff9639579bec2bf0b3671a8abc41182706a6f1608fb3f7213db8072
-
SHA512
39ce77953de167355cb04f7cb43965cb465225e03dd7f7a3f664c25ad33318fae7c6483776980a5940649ba03ace23fbd697a713e7d513540647b0ed87fd235f
-
SSDEEP
3072:XhaVOOlL1N9NEBCnqw8BPpFD/bMQhdcR2eVTnvFbTr:RZ8BNLXtyJMQhoVh
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-