General
- Target: d77d48d852e570195ba9726b4754cac0158e81fb0c8bace872726a663962ea34
- Size: 118KB
- Sample: 221108-z8cwhahec6
- MD5: 0b27f3defd651d6d726f0c69d3454956
- SHA1: 7ff32d39fa7f6e0b294e8c3c25e3bcb2a37c4b75
- SHA256: d77d48d852e570195ba9726b4754cac0158e81fb0c8bace872726a663962ea34
- SHA512: b61b84fa4962536e8dfd0749df26ed80bca3bcab9aa0453cf6ddeee72c4ef88d4be7cc0a9da80802474ba97434867a1dc4939fdf6cd013a102629bbc878bec35
- SSDEEP: 3072:s+4tJUrODpqVn9vyp8jjdB6oNPNqa1xfy9J2:gnUrOdqHq6b6oN8aDfyP2
Static task: static1
Behavioral task: behavioral1
Sample: d77d48d852e570195ba9726b4754cac0158e81fb0c8bace872726a663962ea34.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: d77d48d852e570195ba9726b4754cac0158e81fb0c8bace872726a663962ea34.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
pony
http://116.122.158.195:8080/forum/viewtopic.php
http://chicagointernationalmover.org/forum/viewtopic.php
http://elmhurstmovers.com/forum/viewtopic.php
http://goodvaluemove.com/forum/viewtopic.php
payload_url:
http://www.assibia.it/zV0Zpg.exe
http://metrologico.gr/7MJ.exe
http://ftp.magnusondesign.com/PNxq40.exe
http://colinwud.com/xN05g.exe
Targets
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.