General
-
Target
5b3d1939ab77650b0be4a46a8ba401ee5c219112531b924da5b4b870340786ba
-
Size
124KB
-
Sample
221120-e3t8dafg27
-
MD5
151c8f0b4139a86c06d33b937da23150
-
SHA1
317a15a6f6cc790d97ab20ccff97d3d5d7d2a296
-
SHA256
5b3d1939ab77650b0be4a46a8ba401ee5c219112531b924da5b4b870340786ba
-
SHA512
b1563787c3ca83a4b69163623de905be56abe24982ec44e2eb6a1aa1a175c51df7b3c92d5cad3a56fb13abdbc10f364c794768c5f177dcbbd82758361a483eb7
-
SSDEEP
3072:GLOlgjd8DnN1zoJSCbQWtdIOhCEqFIu1YS:GL9gnbLCtteOpu1D
Behavioral task
behavioral1
Sample
5b3d1939ab77650b0be4a46a8ba401ee5c219112531b924da5b4b870340786ba.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://shop.smsmpi.com:8080/forum/viewtopic.php
http://smsmpi.com:8080/forum/viewtopic.php
http://admin.vojtekracing.hu:8080/forum/viewtopic.php
http://media.vojtekracing.hu:8080/forum/viewtopic.php
-
payload_url
http://www.depostduif.com/CgSe7PMo/Wq9YM.exe
http://etaphavacilik.com/D3ppyZsm/BYQ.exe
http://www.eicher-fenster.de/tWUmLKoB/SPijrE.exe
Targets
-
Target
5b3d1939ab77650b0be4a46a8ba401ee5c219112531b924da5b4b870340786ba
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-