General
-
Target
d28c91659e72638828f791ad9ba8de8c5d33cb6bc4c20c4ac38c48e0704f338f
-
Size
123KB
-
Sample
221108-1bhk6ahga3
-
MD5
02f970e0f84cdfb311c31817629aea01
-
SHA1
5d49b12ea8d701c1fc41823d18c686e40a9c4faf
-
SHA256
d28c91659e72638828f791ad9ba8de8c5d33cb6bc4c20c4ac38c48e0704f338f
-
SHA512
97727fd263a11a848ea223a703d8c0645b11800915ced36349e135d9b4d55b2f15cd3d35569a9fdf90003d47bd323724c46264d80b0409dd11a9881a2f84b6a7
-
SSDEEP
3072:f7Lm1S7aWY+W1S3Nb2MZ4d2Gy/JMtJVsceWdLA:f7q1uW1BMhbJMpTdLA
Static task
static1
Behavioral task
behavioral1
Sample
d28c91659e72638828f791ad9ba8de8c5d33cb6bc4c20c4ac38c48e0704f338f.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://lvconcordecontracting.com/forum/viewtopic.php
http://mcbelectrical.ca/forum/viewtopic.php
http://oliviagurun.com/forum/viewtopic.php
http://onecable.ca/forum/viewtopic.php
-
payload_url
http://ftp.pexgol.com/bm6dog.exe
http://67.158.38.155/jiKEb8.exe
http://www.bethererepair.com/AcvAVk.exe
http://aasthakitchen.com/vMTXwWg.exe
Targets
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-