General
-
Target
545de923f11ab09fbcfaf14e3d31f5fd00b4ca61382b9e71319d31fb5be8016a
-
Size
118KB
-
Sample
221120-kpw3psef37
-
MD5
12c38d7e53bfd31b2977c7928d3d2d30
-
SHA1
062873426a7963a9d43f8fad8582a483389dcbb0
-
SHA256
545de923f11ab09fbcfaf14e3d31f5fd00b4ca61382b9e71319d31fb5be8016a
-
SHA512
201605e772c729e43258a5dc6f60133f266941e405b0f551205f8e48c8641d28485c94ecbabb7e0cfd264ae6a86900c9d34456424cd17a11d8aa41f9576adf2d
-
SSDEEP
1536:ou2A9mREKR7R1RE6kbFYIs187SKUtJUbKnSTrTSgu4Unq4qvCmb68nuWa8BzdW+p:gEfFm87wsKn4RU8vb6lIB5W
Static task
static1
Behavioral task
behavioral1
Sample
545de923f11ab09fbcfaf14e3d31f5fd00b4ca61382b9e71319d31fb5be8016a.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
545de923f11ab09fbcfaf14e3d31f5fd00b4ca61382b9e71319d31fb5be8016a.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
pony
http://mceneryfinancial.com/forum/viewtopic.php
http://megmcenery.com/forum/viewtopic.php
http://taxfreeincomenow.com/forum/viewtopic.php
http://taxfreeincomenow.info/forum/viewtopic.php
-
payload_url
http://www.assibia.it/zV0Zpg.exe
http://metrologico.gr/7MJ.exe
http://ftp.magnusondesign.com/PNxq40.exe
http://colinwud.com/xN05g.exe
Targets
-
-
Target
545de923f11ab09fbcfaf14e3d31f5fd00b4ca61382b9e71319d31fb5be8016a
-
Size
118KB
-
MD5
12c38d7e53bfd31b2977c7928d3d2d30
-
SHA1
062873426a7963a9d43f8fad8582a483389dcbb0
-
SHA256
545de923f11ab09fbcfaf14e3d31f5fd00b4ca61382b9e71319d31fb5be8016a
-
SHA512
201605e772c729e43258a5dc6f60133f266941e405b0f551205f8e48c8641d28485c94ecbabb7e0cfd264ae6a86900c9d34456424cd17a11d8aa41f9576adf2d
-
SSDEEP
1536:ou2A9mREKR7R1RE6kbFYIs187SKUtJUbKnSTrTSgu4Unq4qvCmb68nuWa8BzdW+p:gEfFm87wsKn4RU8vb6lIB5W
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-