General
-
Target
6cdcfd97a0955208e5dd00f328610aee1c2c7d3cc3353012de580cdb04d93a03
-
Size
108KB
-
Sample
221003-bhnnbaaah7
-
MD5
6e65a62804f1bf9ab7ee3a74412639d0
-
SHA1
d8286779b0eff4bf88525a0d74fe2e46a5a739e8
-
SHA256
6cdcfd97a0955208e5dd00f328610aee1c2c7d3cc3353012de580cdb04d93a03
-
SHA512
944f52e7ecd92f36139b34a7269b9d7e4b6412305127dcbe1e508fc95584a7772de9b5054ae6b0d7016f6823d933ba940ee6068368e4bfe2ceed7c3f76628b12
-
SSDEEP
1536:ZhhqTEincoMNbZSpSYi6gLeXxliJKwQJm7tpp7PYBSGV2L5E2fMHxKgwC:LKEincoYSpSY1MeBlMBppsBBIV1Uw
Static task
static1
Behavioral task
behavioral1
Sample
6cdcfd97a0955208e5dd00f328610aee1c2c7d3cc3353012de580cdb04d93a03.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
6cdcfd97a0955208e5dd00f328610aee1c2c7d3cc3353012de580cdb04d93a03.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://admin.vojtekracing.hu:8080/forum/viewtopic.php
http://media.vojtekracing.hu:8080/forum/viewtopic.php
http://vojtekracing.hu:8080/forum/viewtopic.php
http://195.5.208.204:8080/forum/viewtopic.php
-
payload_url
http://www.depostduif.com/CgSe7PMo/Wq9YM.exe
http://02b123c.netsolhost.com/2pNzchs3/RtH.exe
http://etaphavacilik.com/D3ppyZsm/BYQ.exe
http://hc121012.smartconfig.net/UqzyfYAz/KXsRz4.exe
http://matrimonialz.com/teT5MwkC/zv9B.exe
http://www.eicher-fenster.de/tWUmLKoB/SPijrE.exe
Targets
-
-
Target
6cdcfd97a0955208e5dd00f328610aee1c2c7d3cc3353012de580cdb04d93a03
-
Size
108KB
-
MD5
6e65a62804f1bf9ab7ee3a74412639d0
-
SHA1
d8286779b0eff4bf88525a0d74fe2e46a5a739e8
-
SHA256
6cdcfd97a0955208e5dd00f328610aee1c2c7d3cc3353012de580cdb04d93a03
-
SHA512
944f52e7ecd92f36139b34a7269b9d7e4b6412305127dcbe1e508fc95584a7772de9b5054ae6b0d7016f6823d933ba940ee6068368e4bfe2ceed7c3f76628b12
-
SSDEEP
1536:ZhhqTEincoMNbZSpSYi6gLeXxliJKwQJm7tpp7PYBSGV2L5E2fMHxKgwC:LKEincoYSpSY1MeBlMBppsBBIV1Uw
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-