General
-
Target
7a929e0bcdd9783f930e3eb9cf14b3f42c0747410667d9e2059f4b6cf9f03031
-
Size
395KB
-
Sample
221120-kaak6aea52
-
MD5
48ad2da75ae5f7d3d46a8491a800ad10
-
SHA1
b4126a8543518cada2bb3387024694e46bfb56bd
-
SHA256
7a929e0bcdd9783f930e3eb9cf14b3f42c0747410667d9e2059f4b6cf9f03031
-
SHA512
6a701af7c1d74ecc8c08170c5eba7aaa992a9cf1ea8789a453713751dd390783133186e1854123aa83f886f800f33895b8a07365ae8b5464f3859c4a8396f471
-
SSDEEP
12288:CGLgYFsBx4Oag/GDQ9kCF3lFsy4fkAXg7VcWt6tjQWtKgCDAX:FLgYFs1g
Static task
static1
Behavioral task
behavioral1
Sample
7a929e0bcdd9783f930e3eb9cf14b3f42c0747410667d9e2059f4b6cf9f03031.exe
Resource
win7-20220901-en
Malware Config
Extracted
pony
http://ntumakafillingxrux.net/meg33/gate.php
Targets
Target
7a929e0bcdd9783f930e3eb9cf14b3f42c0747410667d9e2059f4b6cf9f03031
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-