General
-
Target
7392fa30d6e60530aaf8c5cc7fecc29aedea166b2b47071f3d4aafe3f0b6d250
-
Size
114KB
-
Sample
221003-bghexaaae2
-
MD5
6f2e5c48e6178b392ffbdab8338afd5c
-
SHA1
2b276fdd6a0f0a241e949f52674111fa186d3d41
-
SHA256
7392fa30d6e60530aaf8c5cc7fecc29aedea166b2b47071f3d4aafe3f0b6d250
-
SHA512
640947ff3e925ad9b169171f35102d84bbd315c461ed269114ab050f1f115a627a34995629d09df6352c6e42b02d1b7471206cfffcd1c453c95f05d8f523ec06
-
SSDEEP
3072:ys0ZUJRvZdpSUsF6hRwHhxJjChGEQzFd0w:qU3xsFWs7U4v
Static task
static1
Behavioral task
behavioral1
Sample
7392fa30d6e60530aaf8c5cc7fecc29aedea166b2b47071f3d4aafe3f0b6d250.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
7392fa30d6e60530aaf8c5cc7fecc29aedea166b2b47071f3d4aafe3f0b6d250.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://luggagecast.com/forum/viewtopic.php
http://luggagejc.com/forum/viewtopic.php
http://luggagepoint.de/forum/viewtopic.php
http://luggagepreview.com/forum/viewtopic.php
-
payload_url
http://204.12.101.9/GDN.exe
http://support.paladin-ent.com/pU7Ze.exe
http://servernas.com.au/TzHGU.exe
http://yoursiteonline.us/qyvV4Li.exe
Targets
-
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-