General
-
Target
d14618698b17b5a866533601bf977d1e796e0cc1e9bd7ac7cae11a6b0d0c99b3
-
Size
114KB
-
Sample
221119-g84p4sch7s
-
MD5
1d24ddf4a27d6d77ddc4ae4f36edd3c0
-
SHA1
6eb754498e5909b9ad7a036b86bb11f8cf41b4dd
-
SHA256
d14618698b17b5a866533601bf977d1e796e0cc1e9bd7ac7cae11a6b0d0c99b3
-
SHA512
c5da8c3eb7fb1d6ee41b1f6ea3e2ec1db251337b710136bc61c33305ae840a979fe3ce2c0457cdc67c05b0c52cdda3ff2a517ccffd5cefd8844f1d04d4b8c7e2
-
SSDEEP
3072:n6vbeKNc+XdOU8Xu95s/GwP5PieyCiLeLImyv6nzCtKIpQAkk:nY8U8+nsVhPqCiLe8LvAzxjk
Static task
static1
Behavioral task
behavioral1
Sample
d14618698b17b5a866533601bf977d1e796e0cc1e9bd7ac7cae11a6b0d0c99b3.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
d14618698b17b5a866533601bf977d1e796e0cc1e9bd7ac7cae11a6b0d0c99b3.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://rippedtrainer.com/forum/viewtopic.php
http://subprimemortgage.us/forum/viewtopic.php
http://inflectionism.com/forum/viewtopic.php
http://waltwhitman150.org/forum/viewtopic.php
-
payload_url
http://test.lmpferrara.com/6gsgXBfC.exe
http://www.anipi-emiliaromagna.it/cPd7p9TV.exe
http://jumpsuit.se/tcLub6.exe
http://solhis.net/b2oix6.exe
Targets
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.