General
-
Target
e5d1a1fa54513df4da446f9099a29dea9516f926ccf6dbde0ee261b36d6b3d68
-
Size
363KB
-
Sample
221003-cztfkadhhn
-
MD5
10a558931bd3f366b9fd7f4d4e4e781e
-
SHA1
3d84658fe690b4d953611ed3780bb7d1de36c1d1
-
SHA256
e5d1a1fa54513df4da446f9099a29dea9516f926ccf6dbde0ee261b36d6b3d68
-
SHA512
0c2ee831371c989207f422c859057abb45a71391fd0f8ea1e0b3e3c9376dbcf8c905b5ad1b5e4c36785b17860a7e66b99c641db926b98738e6b9e304a1e1eec4
-
SSDEEP
3072:cJTYbdY/AW9aIg/WfQ+9SUVnvgrNxeSdTNSv+Vq0J3KkbCK056Y477dYZgu0YuLY:hV3/GnIr9dJSGVq0s
Static task
static1
Behavioral task
behavioral1
Sample
e5d1a1fa54513df4da446f9099a29dea9516f926ccf6dbde0ee261b36d6b3d68.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://ntumakafillingxrux.net/meg33/gate.php
Targets
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-