General
-
Target
82de558b4b23bb435649e7e337d9aa2730b1030d7cb5db57bbcfaf720c1d6b9b
-
Size
112KB
-
Sample
221120-j64cnshc51
-
MD5
46df6704acfbd42904279f0e51bfe919
-
SHA1
8bbca04bd6c98f27e5a43372f79f41661efdd0b8
-
SHA256
82de558b4b23bb435649e7e337d9aa2730b1030d7cb5db57bbcfaf720c1d6b9b
-
SHA512
e489422cea7135e686b9653b8c973500ab912a88ff1e09eae0d49f328049dbd41673f40f950e4c77b8508c143f313b8cd94ed6c9961e59791824bbf03438a3a2
-
SSDEEP
3072:iY1A8cxh/pmkEEBvWG06sZLxeV8/iAYIkiy9glhia:mRmKBvueCPYIkn9C
Static task
static1
Behavioral task
behavioral1
Sample
82de558b4b23bb435649e7e337d9aa2730b1030d7cb5db57bbcfaf720c1d6b9b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
82de558b4b23bb435649e7e337d9aa2730b1030d7cb5db57bbcfaf720c1d6b9b.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://londonleatherusa.com/forum/viewtopic.php
http://luggage-tv.com/forum/viewtopic.php
http://luggagecast.com/forum/viewtopic.php
http://luggagejc.com/forum/viewtopic.php
-
payload_url
http://www.chs76ers.org/f9bszz5.exe
http://diver-station.com.tw/DpBSrKJ.exe
http://mulberry.com.hk/ZB1h.exe
http://pdisb.net/s6Z2PSa.exe
Targets
-
-
Target
82de558b4b23bb435649e7e337d9aa2730b1030d7cb5db57bbcfaf720c1d6b9b
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-