General
Target: ee8d6ad858e26f2cd74a4e33a098dcfbc63cfbf2d3ffb71708ba9889d0e7c150
Size: 122KB
Sample: 221119-gw2d8agc43
MD5: 5d2753ec7cf7f213d0fc8cdaca5e5d45
SHA1: 7684ccce31d06b64d7d9ac379c0174454e250ee8
SHA256: ee8d6ad858e26f2cd74a4e33a098dcfbc63cfbf2d3ffb71708ba9889d0e7c150
SHA512: f05f1cdc5ca02754951f2dfcdd0a4c0b6ba3957930ad905b6ae6139ca38b2f6c36ef5959347de1f6ae0bfb8b0e690095999359b70026216c2703f1b4bd92b1ef
SSDEEP: 3072:CX3Ni6RfnmYcG2tf7AiMVGzUNpGlbs7/fJPlBvhp:CX9nJYtz/MVn2S7nB
Static task: static1
Behavioral task: behavioral1
Sample: ee8d6ad858e26f2cd74a4e33a098dcfbc63cfbf2d3ffb71708ba9889d0e7c150.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: ee8d6ad858e26f2cd74a4e33a098dcfbc63cfbf2d3ffb71708ba9889d0e7c150.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
pony
http://ochengorit.ru/pizda/gate.php
payload_url
http://zemljane.far.ru/N1X.exe
http://parrocchiadiuopini.it/ZrktExKQ.exe
http://ftp.licenter.org/xUceFk.exe
Targets
Target: ee8d6ad858e26f2cd74a4e33a098dcfbc63cfbf2d3ffb71708ba9889d0e7c150
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-