General
Target: 15c002c3f177c999b0c60070ac247017d953d5d1914d5b273476523dbb1aa636
Size: 132KB
Sample: 221003-bzglbsagc2
MD5: 5819ad90099091dd2244f4ff7775e6f0
SHA1: 444151ad64273b1584928c9f2b2592a73e34b59b
SHA256: 15c002c3f177c999b0c60070ac247017d953d5d1914d5b273476523dbb1aa636
SHA512: 5d57405c7fe927c5eac6b49f4969ef246de4c71762b704f3b5fb25f634b820aa5ea8b0ed6a4cb5de4d04708664fda57231c4753a43e1b2314e73a302745af0df
SSDEEP: 3072:DhA4A18jvGPYtDTYfD1oILyuOJQsRfWSH:1Bc8jvGSC1oIkSsR+
Static task: static1
Behavioral task: behavioral1
Sample: 15c002c3f177c999b0c60070ac247017d953d5d1914d5b273476523dbb1aa636.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 15c002c3f177c999b0c60070ac247017d953d5d1914d5b273476523dbb1aa636.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
pony
http://ochengorit.ru/pizda/gate.php
payload_url
http://globalinfocomgroup.com/9Mto.exe
http://phildamorg.be/FRjD1.exe
http://hakata-ekimae.jp/HgWt.exe
Targets
Target: 15c002c3f177c999b0c60070ac247017d953d5d1914d5b273476523dbb1aa636
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.