General
-
Target
23357a72df7d44d6d302e0b4462f610cead5a23b6daa58824e08807f12be56a1
-
Size
123KB
-
Sample
221120-k72e5sag3w
-
MD5
3e1ce664d45da19e84aa0a20598de3b0
-
SHA1
8d13d81a56ff6551431482326aa4babd13b4785e
-
SHA256
23357a72df7d44d6d302e0b4462f610cead5a23b6daa58824e08807f12be56a1
-
SHA512
5a57b03b38679441676df96b582bbbbaeed9f70b8d8be5e964281bbe2f53b0446bd2a65cde2f05ca04fe88f6dcbe63e5852be79a85f86b47d6d79d3aa184b1fd
-
SSDEEP
3072:xdQGNtKU/XJhyQhgDyJ9ALSvvx0IOCgqO5/+6gh:7ZNb/ZMKgDyJFv6D/dgh
Static task
static1
Behavioral task
behavioral1
Sample
23357a72df7d44d6d302e0b4462f610cead5a23b6daa58824e08807f12be56a1.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
23357a72df7d44d6d302e0b4462f610cead5a23b6daa58824e08807f12be56a1.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
pony
http://mail.yaklasim.com:8080/forum/viewtopic.php
http://lasertoned.com/forum/viewtopic.php
http://lasertuck.com/forum/viewtopic.php
http://lazersculpt.com/forum/viewtopic.php
-
payload_url
http://arepix.cz/AqTb.exe
http://sainitravels.in/JfV8ZsSn.exe
http://www.sysdbs.com.br/GpH.exe
http://yuniedesign.com/QqA4J.exe
Targets
-
-
Target
23357a72df7d44d6d302e0b4462f610cead5a23b6daa58824e08807f12be56a1
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-