General
-
Target
d7fc0dddf324798e8a41466c6518b3d82acff8a72ee3b0a83cd893a19bf74bae
-
Size
130KB
-
Sample
221119-g6hd4acg7y
-
MD5
0015330391a97cc20659ef5c82f2f6e1
-
SHA1
862b678b4b6076e66db04875832e138f0f505727
-
SHA256
d7fc0dddf324798e8a41466c6518b3d82acff8a72ee3b0a83cd893a19bf74bae
-
SHA512
45e0af42da640a55d201a61ce13d565699271b296e72cbcc7aee35cc936f82dff2c83612137653554f205d888cd1aa8f461845da2167a846288b7f592d7305b7
-
SSDEEP
3072:xKNDp1vsRM6VVIvSEYu2Zalh8PRzGTCZowbF9Jtr:ENF1Zq4j2Aj8ZaCZowZX
Static task
static1
Behavioral task
behavioral1
Sample
d7fc0dddf324798e8a41466c6518b3d82acff8a72ee3b0a83cd893a19bf74bae.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://stareanatiunii.com:8080/pony/gate.php
http://173.83.251.73:8080/pony/gate.php
-
payload_url
http://umitayna.com/U3iKpN.exe
Targets
-
-
Target
d7fc0dddf324798e8a41466c6518b3d82acff8a72ee3b0a83cd893a19bf74bae
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-