General
-
Target
81faba385e257aadeeec5f13b11061fd5aa40255994447a9f269f3ed14f479d7
-
Size
114KB
-
Sample
221120-j7gkashc6x
-
MD5
26103234918d2338e7754dd381b41c70
-
SHA1
adf66d856a3e6269e8d3d82f9ffe4b0ca8379bc9
-
SHA256
81faba385e257aadeeec5f13b11061fd5aa40255994447a9f269f3ed14f479d7
-
SHA512
8d28791ba374015481823d6dddfde823be165338c05d88ba5b1da1a0f2f9f0ba54d5977fdf5c81e2555c9783b9a61569ce6bdaca414c57377a07bdf1e943550d
-
SSDEEP
3072:PHZG+XlIyxzsberHxw8jRBkzSRAzXJeDLwi2meaiXrjeBNZgih:8yxfwEB1iZ+LNl7iXOBNZgi
Static task
static1
Behavioral task
behavioral1
Sample
81faba385e257aadeeec5f13b11061fd5aa40255994447a9f269f3ed14f479d7.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
81faba385e257aadeeec5f13b11061fd5aa40255994447a9f269f3ed14f479d7.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
pony
http://checkpointfriendlybusinesscases.com/forum/viewtopic.php
http://checkpointfriendlylaptopcases.com/forum/viewtopic.php
http://checkpointfriendlytravelaccessories.com/forum/viewtopic.php
http://checkpointluggage.com/forum/viewtopic.php
-
payload_url
http://www.mbbd.it/4zZ.exe
http://win.centrostudiathena.com/32qr.exe
http://www.red-devil-fashion.de/mwK8RY6.exe
http://grandns.net/WFHqQ0t1.exe
Targets
Target
81faba385e257aadeeec5f13b11061fd5aa40255994447a9f269f3ed14f479d7
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-