General
-
Target
2014375a5dc7b650ff1f89da7dfa4b7eba153515b9c8557f7bf43d88ef39de9c
-
Size
109KB
-
Sample
221120-k81v1aag6x
-
MD5
334929157920afc78f6e40c7dd312541
-
SHA1
78e1923c3b4ba92750f6062da4e8303d3f11794a
-
SHA256
2014375a5dc7b650ff1f89da7dfa4b7eba153515b9c8557f7bf43d88ef39de9c
-
SHA512
6c7c9d29f6c4301825ebc83b988f0205e2e2c28ae6523f15670f4edf0e7c42cb532da0841651668c3bda3e86c116c5e0998fb3e390d7d20cf6bdc272621496fe
-
SSDEEP
3072:xOWrTXfuats9UDfS/eEdVUh6NqAYJIXg:RrjfQeAGIoRJIQ
Static task
static1
Behavioral task
behavioral1
Sample
2014375a5dc7b650ff1f89da7dfa4b7eba153515b9c8557f7bf43d88ef39de9c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2014375a5dc7b650ff1f89da7dfa4b7eba153515b9c8557f7bf43d88ef39de9c.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
pony
http://apparelacademy.net/forum/viewtopic.php
http://dragoncigars.net/forum/viewtopic.php
http://heavenlycigars.net/forum/viewtopic.php
http://libertychristianstore.com/forum/viewtopic.php
-
payload_url
http://globaldoesitall.com/2gX0.exe
http://derricoassociati.it/KLGS.exe
http://vacancies.cpsic.co.uk/j3HC.exe
http://www.stenocenter.it/BEys1t.exe
Targets
-
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-