General
- Target: 78bfefb3141b11fafd2aab1e0288d652f8df940f5c0184dfd8a4cc6a15ed3eb3
- Size: 137KB
- Sample: 221120-kawtdshd8v
- MD5: 375fb1dd45bde49039ab0f2ad9da599c
- SHA1: 1e3db1b72da05e342f2f7e215f6ac438b60bf7fa
- SHA256: 78bfefb3141b11fafd2aab1e0288d652f8df940f5c0184dfd8a4cc6a15ed3eb3
- SHA512: 174ac925def71eeb41b1405061285df8908cbdc8d55352b47f44375cf975900b04af3917cb1d607e06eb957e0331823f88322d1a0c0013bb94fa1bf606c35671
- SSDEEP: 3072:iBfxYW/4eY5MdvH9tiHZX838RYWKmuEGnZFFwwESFRBSUz4ZJY2Xx8SzsZYHk:Iu1MFsGzPZFFwwNBSvY2X+Zf
Static task
- static1
Behavioral task
- behavioral1
Sample
- 78bfefb3141b11fafd2aab1e0288d652f8df940f5c0184dfd8a4cc6a15ed3eb3.exe
Resource
- win7-20220812-en
Malware Config
Extracted
- Family: pony
- URL: http://176.99.12.245/kjhskdjfhskdjhfusdiuhndshcsdkjf/gate.php
- payload_url: http://176.99.12.245/loadz/DONE.exe
Targets
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext