General
- Target: d374edd3b511521ef321aed1796d09ba0f2ed3f367e516d206ecd63842df7eae
- Size: 128KB
- Sample: 221119-g8bpbsgg53
- MD5: 2c3f026643fcbc0e987fbae15926eb70
- SHA1: 82a9ca289759bf56ec0eca5dbd839b2c723b2dee
- SHA256: d374edd3b511521ef321aed1796d09ba0f2ed3f367e516d206ecd63842df7eae
- SHA512: fc6772e9e4dacc32104ca7edafe61f0eaf899c629a5be050f2d8bfb867f80d13e5111c56b38f468f6346dfa19eb6a21f8af5db0d903249188c06b7c7448fd0ec
- SSDEEP: 3072:FtyXTo5m/WBe27447SRYeaWJryGDs/1TR5Feb96/wRLWUQyOn9:447SRla/GuD5sb96rUQyOn
Static task
- static1
Behavioral task
- behavioral1 (Sample: d374edd3b511521ef321aed1796d09ba0f2ed3f367e516d206ecd63842df7eae.exe; Resource: win7-20221111-en)
Behavioral task
- behavioral2 (Sample: d374edd3b511521ef321aed1796d09ba0f2ed3f367e516d206ecd63842df7eae.exe; Resource: win10v2004-20221111-en)
Malware Config
Extracted
- pony
  - http://mail.yaklasim.com:8080/ponyz/gate.php
  - http://andlettherebelight.com/ponyz/gate.php
  - http://firepointmedia.net/ponyz/gate.php
  - http://graphicspecialistsgroup.com/ponyz/gate.php
- payload_url
  - http://paperlesscontact.com/EzGhUN.exe
  - http://1726308.sites.myregisteredsite.com/9ZsS.exe
  - http://rigbers.de/sSJex.exe
Targets
- Target: d374edd3b511521ef321aed1796d09ba0f2ed3f367e516d206ecd63842df7eae (Size: 128KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.