General
Target: d1a6a2e7f45a1a251da30f526d70dc5a5e35269b02bc5800f4f50c9a5676d9f3
Size: 113KB
Sample: 221003-azw6cahce4
MD5: 65fd95d410dd1936feb18e4e46519308
SHA1: 91f51084588cfa5a342ee63e74ab9e2dcb72f4cf
SHA256: d1a6a2e7f45a1a251da30f526d70dc5a5e35269b02bc5800f4f50c9a5676d9f3
SHA512: 705e8c36a1ce4173ae4c530effb9ceb8d807aee50dcb5d4a6c390f81aea45bef20b2974e7caae008d21089db3362946241b6332a6529e9367953f7cd62a929af
SSDEEP: 3072:p/oEUOHbsU3NRwlrDsVwdGiWrBPTnSXijrM:iEUO7vNOlvsVFlrnSyr
Static task: static1
Behavioral task: behavioral1
Sample: d1a6a2e7f45a1a251da30f526d70dc5a5e35269b02bc5800f4f50c9a5676d9f3.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: d1a6a2e7f45a1a251da30f526d70dc5a5e35269b02bc5800f4f50c9a5676d9f3.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
pony
http://joycethomasdermathensga.com/forum/viewtopic.php
http://joycethomasdermathensga.info/forum/viewtopic.php
http://jthomasmddermathensga.com/forum/viewtopic.php
http://mcontrerasrealty.com/forum/viewtopic.php
payload_url
http://agapidis.gr/8Zg.exe
http://www.atorka.de/iREuALTW.exe
http://repro2go.com/KJs0.exe
Targets
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.