General
-
Target
3719ad4a7e91874f601b032029115e7b16f7a5b4ddb1df1ca8861090e9ec1f2c
-
Size
119KB
-
Sample
221003-bsrsqacadj
-
MD5
7bf1c49695b41e51c42fe06d86dda309
-
SHA1
8fc47948065d8a4d13ca5391a950ad7b16247d91
-
SHA256
3719ad4a7e91874f601b032029115e7b16f7a5b4ddb1df1ca8861090e9ec1f2c
-
SHA512
fac9366019a9ebda0825c172fa7dc840960eb1aa26106b632dbc1f1f640ad2566db81936dd861b8ca87f62cc1223ddb0417aa7ed76d5daa4a2b395c41cacb4a4
-
SSDEEP
3072:Ni7dNJmXqdGb+QA0omtscK8791tPxe31tSmqMf7sKbFHI:tlb+QA158x1tPQ31tSLMzdbB
Static task
static1
Behavioral task
behavioral1
Sample
3719ad4a7e91874f601b032029115e7b16f7a5b4ddb1df1ca8861090e9ec1f2c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
3719ad4a7e91874f601b032029115e7b16f7a5b4ddb1df1ca8861090e9ec1f2c.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://williamsburgcondominiumsforsale.com/ponyz/gate.php
http://williamsburgcondosforsale.com/ponyz/gate.php
http://woodsofwhitehurst.com/ponyz/gate.php
http://americanmallmodelsearch.com/ponyz/gate.php
-
payload_url
http://www.acmestore.it/L4cWn.exe
http://server.autobeschriftung.at/nEjcrEA.exe
http://test.iboitalia.org/C7oaNwB.exe
Targets
-
-
Target
3719ad4a7e91874f601b032029115e7b16f7a5b4ddb1df1ca8861090e9ec1f2c
-
Size
119KB
-
MD5
7bf1c49695b41e51c42fe06d86dda309
-
SHA1
8fc47948065d8a4d13ca5391a950ad7b16247d91
-
SHA256
3719ad4a7e91874f601b032029115e7b16f7a5b4ddb1df1ca8861090e9ec1f2c
-
SHA512
fac9366019a9ebda0825c172fa7dc840960eb1aa26106b632dbc1f1f640ad2566db81936dd861b8ca87f62cc1223ddb0417aa7ed76d5daa4a2b395c41cacb4a4
-
SSDEEP
3072:Ni7dNJmXqdGb+QA0omtscK8791tPxe31tSmqMf7sKbFHI:tlb+QA158x1tPQ31tSLMzdbB
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-