General
- Target: 404b45f362d56105caeb51d06e980784b89739a9d64062d777a6cfde6821392f
- Size: 133KB
- Sample: 221120-kx12maac7z
- MD5: 416e2c2fcac0cfbb79eb0fbe84d7a290
- SHA1: 88d9b2fa95a3bcd68633b11d3b3af88d6de06493
- SHA256: 404b45f362d56105caeb51d06e980784b89739a9d64062d777a6cfde6821392f
- SHA512: a9a4b4988e20a87de9188e0e793594ff476821055e542d78dce67ee2038c808e601bfa8e805ed0a33f7956ba4c5fc4190c9542915d8e2b5d92bdb90b48b8ed3e
- SSDEEP: 3072:1r6FpbvUNjOKXwbv4R1RR9TmZLJ4CW/y7OYwR4:JmLU1Ow4vyK1AK7OY/
Static task: static1
Behavioral task: behavioral1
- Sample: 404b45f362d56105caeb51d06e980784b89739a9d64062d777a6cfde6821392f.exe
- Resource: win7-20220901-en
Behavioral task: behavioral2
- Sample: 404b45f362d56105caeb51d06e980784b89739a9d64062d777a6cfde6821392f.exe
- Resource: win10v2004-20221111-en
Malware Config
Extracted
pony
http://mail.yaklasim.com:8080/forum/viewtopic.php
http://116.122.158.195:8080/forum/viewtopic.php
http://prosbarandgrill.com/forum/viewtopic.php
http://rap-mobility.com/forum/viewtopic.php
-
payload_url
http://www.holzbau-glas.de/LBM5tvp.exe
http://magento.takkens.com/58x1nHa.exe
http://forexwinnersacademy.com/TBuGtv.exe
http://exhibitlink.biz/s5GqAd.exe
Targets
- Target: 404b45f362d56105caeb51d06e980784b89739a9d64062d777a6cfde6821392f
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.