General
-
Target
1aa37a184693a2c59561f2415ade1c10f679d38d7a56e5db3de9aba4fc0983e7
-
Size
134KB
-
Sample
221003-byk75accdm
-
MD5
4dd9280fcb66e30c3a4c18f1d1b7f0ca
-
SHA1
33c5e9a4ff30fbc4b6ae7a09b59d83a6694b4960
-
SHA256
1aa37a184693a2c59561f2415ade1c10f679d38d7a56e5db3de9aba4fc0983e7
-
SHA512
32213a0b67110bfe265a0bc357cc16535a41bfcce20c885227e60cfd1c471e7a7b68d8b7ea3948ab9d6ce874b8c77494f7f4e5f7c313efcfaaefb835ae026086
-
SSDEEP
3072:MkblZSkc5IPC2K7ma7/4tKqD3boLUaUPfePgY:xbbSYPC2Xa7/4tbci3yg
Static task
static1
Behavioral task
behavioral1
Sample
1aa37a184693a2c59561f2415ade1c10f679d38d7a56e5db3de9aba4fc0983e7.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1aa37a184693a2c59561f2415ade1c10f679d38d7a56e5db3de9aba4fc0983e7.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
pony
http://116.122.158.195:8080/forum/viewtopic.php
http://talentos.clicken1.com:81/forum/viewtopic.php
http://panama.clicken1.com:81/forum/viewtopic.php
http://monteazul.clicken1.com:81/forum/viewtopic.php
-
payload_url
http://ftp.abssolute.net/G1MeG8Rc.exe
http://bhairavijaikishan.com/Ns89C.exe
http://unarazonmasparasonreir.com.mx/vJh.exe
Targets
-
-
Target
1aa37a184693a2c59561f2415ade1c10f679d38d7a56e5db3de9aba4fc0983e7
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-