General
Target: 1a3b3b2ea3e752d852af77d6fc00a8a240d90b2c4c1ca5cb1311c9cfdd828a19
Size: 136KB
Sample: 221120-l4pslsgg29
MD5: 5f4db3efdbf4fca163d0dcb122ef3fb0
SHA1: 79e5bf12126762e6085108ede2a9fd62b53e5a03
SHA256: 1a3b3b2ea3e752d852af77d6fc00a8a240d90b2c4c1ca5cb1311c9cfdd828a19
SHA512: 89803a5cdb38c7bf5724d1041b356f91e6c22eded0c41289343c5ecbb651aef5a963e3e88fedbc7ef40d5993c7bf1e4eaf94846a840e7f70b01c480d36b9e2cf
SSDEEP: 3072:akNkEdAf2o0ro8jOTxeujezYyLaPeUVGZU:1lAf2oWox9eAgYy2WU
Static task: static1
Behavioral task: behavioral1
Sample: 1a3b3b2ea3e752d852af77d6fc00a8a240d90b2c4c1ca5cb1311c9cfdd828a19.exe
Resource: win7-20220812-en
Malware Config
Extracted family: pony
Extracted URLs:
  http://pokontaktu.ru/plugins/system/legacy/id.php
  http://www.mosjurkollegia.com/js/update.bin
Targets
Target: 1a3b3b2ea3e752d852af77d6fc00a8a240d90b2c4c1ca5cb1311c9cfdd828a19
Size: 136KB
MD5: 5f4db3efdbf4fca163d0dcb122ef3fb0
SHA1: 79e5bf12126762e6085108ede2a9fd62b53e5a03
SHA256: 1a3b3b2ea3e752d852af77d6fc00a8a240d90b2c4c1ca5cb1311c9cfdd828a19
SHA512: 89803a5cdb38c7bf5724d1041b356f91e6c22eded0c41289343c5ecbb651aef5a963e3e88fedbc7ef40d5993c7bf1e4eaf94846a840e7f70b01c480d36b9e2cf
SSDEEP: 3072:akNkEdAf2o0ro8jOTxeujezYyLaPeUVGZU:1lAf2oWox9eAgYy2WU
Signatures:
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.