General
-
Target
46c55f3ae9376ba1201393c1677e6003991c3c2786c27107edf4cbed0b576f30
-
Size
106KB
-
Sample
221120-kvpwksab9t
-
MD5
1988ab9658ba079962e4e6edf0c076d3
-
SHA1
5b656385ac126ff08d42c86de26f82f3be1da602
-
SHA256
46c55f3ae9376ba1201393c1677e6003991c3c2786c27107edf4cbed0b576f30
-
SHA512
59538596f2b7125355b5b79e33b14d65c002be98fdac0b738a4c0ab133fba3f8ee895fcfea63d8128aaf1c5bf03e03e13e632325ead452f62f7f650f25ad5a12
-
SSDEEP
3072:Bk8en2Mh1aTlkFqaynH0pNZNjZJ38/l+eU3t:BzgQSqFgNw/l+T
Static task
static1
Behavioral task
behavioral1
Sample
46c55f3ae9376ba1201393c1677e6003991c3c2786c27107edf4cbed0b576f30.exe
Resource
win7-20221111-en
Malware Config
Extracted
pony
http://187.9.27.164:8080/forum/viewtopic.php
http://66.55.89.148:8080/forum/viewtopic.php
-
payload_url
http://elastic-studio.com/QV9uPgg2/iGVrE.exe
http://displecor.es/s0qs1P9j/Ss88vcWV.exe
http://bellevuestellenbosch.co.za/aLTJE4c9/YtzhS.exe
Targets
Target
46c55f3ae9376ba1201393c1677e6003991c3c2786c27107edf4cbed0b576f30
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-