General
-
Target
208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e
-
Size
123KB
-
Sample
221003-bxrnhsccap
-
MD5
63b437bde6ea67f011857e072b25c200
-
SHA1
20a238b16c30b89f0cc81f6b22b959b33ff0e58e
-
SHA256
208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e
-
SHA512
885e4256bb5e3739c60642533caddf57392413ee540aeddad69627a67d21a1bda35f61b12d93d19a370e984beaddaa6a32fc6bb5e9b490d73655398ec98c4380
-
SSDEEP
1536:Y+wGJ9jgTxkYLRGPcjFjpzHppZV9Y0sghTG6nYa6QXqSpzOXqvxA1w+N:zexkYL8qd/9YTgXYtSpzcGxA1
Static task
static1
Behavioral task
behavioral1
Sample
208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
208eb701d77d5a52ca23ddcbaada42e98458e8086efa0c564609bc1a061d312e.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://mail.yaklasim.com:8080/forum/viewtopic.php
http://116.122.158.195:8080/forum/viewtopic.php
http://mylifestylestormproducts.com/forum/viewtopic.php
http://mysafefloridahomelife.com/forum/viewtopic.php
-
payload_url
http://lccc-positive-impact.org/yd1.exe
http://dlacton.com/bvNbG.exe
http://mgfinancialplanning.co.uk/AnExiEQs.exe
http://job.intabo.cz/rqs.exe
Targets
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-