General
Target: BBFA53306EFE38A0F93D4E3A21ACD8C7171A8D7187767.exe
Size: 145KB
Sample: 221110-lv3ccaggd2
MD5: ded1a98de51884ce32a29bd8c5d20065
SHA1: c20eb6d8374ca201c8fab06601e318914e404a0b
SHA256: bbfa53306efe38a0f93d4e3a21acd8c7171a8d7187767479746566b967605c05
SHA512: d96e5237d4fdef9913e0dd150ee82c2436c8735efe42e83d3fe29212c0ed5f017bc232bdd35087d5c2548a9be6161a1236cd99d408ebb31504795e9f33374a8c
SSDEEP: 3072:8nLc57faEHNvVcH3ZJe57Z2PQjKRs+BwwXM0m1Gj55r5xpcD:KuGehVGE/j6d21u55rvp
Static task: static1
Behavioral task: behavioral1
Sample: BBFA53306EFE38A0F93D4E3A21ACD8C7171A8D7187767.exe
Resource: win7-20220812-en
Malware Config
Extracted: pony
http://androidtablets.co.uk/php/gate.php
Targets
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext