General
-
Target
6a7e8119f38167ce0d5e12dbbd9c9df70361ed8e732df057687baf592ab0dc0f
-
Size
120KB
-
Sample
221119-fh358aec49
-
MD5
2cb0048d37cc867d053c0a089f5667e0
-
SHA1
34b1be3f27bb823574d4f06def7d3f66a7458134
-
SHA256
6a7e8119f38167ce0d5e12dbbd9c9df70361ed8e732df057687baf592ab0dc0f
-
SHA512
6c16f93503310803520dfd3e27760c1864ae4596589eb281e9efe8fa4cc436e59f36083bdb9a89d5c4050a66d59c81cecdb80568279921b3ca3af3b9a2b981e8
-
SSDEEP
3072:37V1raS7XrvSRBWimEmpLj+dmv9C5e1OE:LV1raSvvSNmPJjgmlYe1h
Static task
static1
Behavioral task
behavioral1
Sample
6a7e8119f38167ce0d5e12dbbd9c9df70361ed8e732df057687baf592ab0dc0f.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
6a7e8119f38167ce0d5e12dbbd9c9df70361ed8e732df057687baf592ab0dc0f.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
pony
http://forum.xcpus.com:8080/forum/viewtopic.php
http://futuregenerationfuel.com/forum/viewtopic.php
http://homelandfuel.com/forum/viewtopic.php
http://patrioticenergy.com/forum/viewtopic.php
-
payload_url
http://charlemonttv.com/amfK.exe
http://project5.ignitee.com/7rq7.exe
http://www.inmagonzalez.com/9NMJ.exe
Targets
-
-
Target
6a7e8119f38167ce0d5e12dbbd9c9df70361ed8e732df057687baf592ab0dc0f
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-