General
-
Target
9cbf3a16347a221024f07d1234e4798ddb72ca66f647f418411251d5537cc819
-
Size
130KB
-
Sample
221003-a9rcvahfh5
-
MD5
751a34813c4113c95d55172b49b7e1c0
-
SHA1
d665f715e7cd248e31f8b7ef3aa257508de67959
-
SHA256
9cbf3a16347a221024f07d1234e4798ddb72ca66f647f418411251d5537cc819
-
SHA512
67737cc3175f3098e7e183182a246f60537cd769277ec024f1189b8fc168f239cb34f91d65936815e82c2efc4545c0ce43664ca2515e85b51013d94f7273c0ab
-
SSDEEP
3072:CXm0vfFriNb0Ephu1Rvqn4ExwcamCendGrnRc316Ogw9:sf1iy51447mndk+33F
Static task
static1
Behavioral task
behavioral1
Sample
9cbf3a16347a221024f07d1234e4798ddb72ca66f647f418411251d5537cc819.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
9cbf3a16347a221024f07d1234e4798ddb72ca66f647f418411251d5537cc819.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://175.118.124.53:8080/forum/viewtopic.php
http://midwdermatology.com:8080/forum/viewtopic.php
http://www.bobadamsinc.com:8080/forum/viewtopic.php
http://www.richadamsinc.com:8080/forum/viewtopic.php
-
payload_url
http://nasosrogas.gr/uwt2b.exe
http://mtmedia.net/tJr4H.exe
http://cinemacityhu.iq.pl/iN5Vf.exe
Targets
-
-
Target
9cbf3a16347a221024f07d1234e4798ddb72ca66f647f418411251d5537cc819
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-