General
-
Target
658a8c13d195f827b4e8878536de80449f3eab40e201c55580a953fd682b7b24
-
Size
128KB
-
Sample
221003-bjndyaabc2
-
MD5
720516f472334d1f055cc4f5804cb4b0
-
SHA1
86493e33ecc3d3f371179d0b6b1c596a0d1f3952
-
SHA256
658a8c13d195f827b4e8878536de80449f3eab40e201c55580a953fd682b7b24
-
SHA512
4589f0e73703c5f0d66a337e728ca5b8cd6307599e92bc846d7564297ffa84d0018bc1301f6965d84f27cfe1b047610e65f340c3a3ad46bb1c385ec2d37eda8c
-
SSDEEP
3072:nXzYgSw+fKmp3JC4y44564qPDHCpA6RG3kT7xy2uWoqR2Ehf1+wE09:aZA4s6LrYMUBocR1fAn0
Static task
static1
Behavioral task
behavioral1
Sample
658a8c13d195f827b4e8878536de80449f3eab40e201c55580a953fd682b7b24.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
658a8c13d195f827b4e8878536de80449f3eab40e201c55580a953fd682b7b24.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://ochengorit.ru/pizda/gate.php
-
payload_url
http://citydog-frankfurt.de/KxPzz.exe
http://inertia-automation.com/iyxtd.exe
http://wolfsonbellbeta.com/MoC.exe
Targets
-
-
Target
658a8c13d195f827b4e8878536de80449f3eab40e201c55580a953fd682b7b24
-
Size
128KB
-
MD5
720516f472334d1f055cc4f5804cb4b0
-
SHA1
86493e33ecc3d3f371179d0b6b1c596a0d1f3952
-
SHA256
658a8c13d195f827b4e8878536de80449f3eab40e201c55580a953fd682b7b24
-
SHA512
4589f0e73703c5f0d66a337e728ca5b8cd6307599e92bc846d7564297ffa84d0018bc1301f6965d84f27cfe1b047610e65f340c3a3ad46bb1c385ec2d37eda8c
-
SSDEEP
3072:nXzYgSw+fKmp3JC4y44564qPDHCpA6RG3kT7xy2uWoqR2Ehf1+wE09:aZA4s6LrYMUBocR1fAn0
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-