General
Target: 982b796edb96993f09e32bcd56b53bcd1754725bde0adba1a718e38350298ee4
Size: 115KB
Sample: 221108-2kmrxabfg8
MD5: 0b9b0490fea84a12e2d34694a88798a0
SHA1: 6e7458ba5c58b49f859c559ac47df87faee34e88
SHA256: 982b796edb96993f09e32bcd56b53bcd1754725bde0adba1a718e38350298ee4
SHA512: d89ffb1e4a78a034cd64153afd7da78eadd56d9945c6201b7fffffa7ce7a183bfd4a48763f57ffcca7f4b1e5cbdc41907e56d7aeca9a54cf88fd5b1a8594043e
SSDEEP: 3072:3pNzRpv6k4fFlraVt0sGA56NXEbB/JICGIfF:5yldn+6NSBhI+d
Static task: static1
Behavioral task: behavioral1
  Sample: 982b796edb96993f09e32bcd56b53bcd1754725bde0adba1a718e38350298ee4.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 982b796edb96993f09e32bcd56b53bcd1754725bde0adba1a718e38350298ee4.exe
  Resource: win10v2004-20220901-en
Malware Config
Extracted family: pony
C2 (gate URLs):
- http://findmynewhouse.co.uk/ponys/gate.php
- http://findmynewschool.com/ponys/gate.php
- http://trippling.com/ponys/gate.php
- http://beachfrontconcierge.com/ponys/gate.php
payload_url:
- http://www.akaneuchida.com/iXLNgi2.exe
- http://proeller-shop.homepage.t-online.de/btz.exe
- http://dapingluo.com/QfvbZyn.exe
- http://weimarenterprises.com/n4t43ZqX.exe
Targets
Target: 982b796edb96993f09e32bcd56b53bcd1754725bde0adba1a718e38350298ee4
Signatures matched for this target:
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.