General
-
Target
3d53b54d98e14f9de2a2316fe09ee6b9fe27f2dacdd4ad85f52dd1e16eebb006
-
Size
367KB
-
Sample
221123-mp8gvaef84
-
MD5
7ad977e490ead6a113d88aa8091d3dfd
-
SHA1
f5f3c7a449bc658dee88153fbc6cf21061eaa1df
-
SHA256
3d53b54d98e14f9de2a2316fe09ee6b9fe27f2dacdd4ad85f52dd1e16eebb006
-
SHA512
84de4a09c3533f94bf76bbaaf47ee67f5b1da809a40140d570ff7000f912e2f6217dc55f1c42895870c26682c7c4ca52803b5fc802fb039755563d3d20377b5c
-
SSDEEP
6144:CEnfyZlEDVXmnIW2iDKPbIz7yStMvWqDJv7yC3dLPm+UidwOydGWm0CFJ:CEnfyAonINPbwCHDNeCk+UiWOyZwJ
Static task
static1
Behavioral task
behavioral1
Sample
3d53b54d98e14f9de2a2316fe09ee6b9fe27f2dacdd4ad85f52dd1e16eebb006.doc
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
3d53b54d98e14f9de2a2316fe09ee6b9fe27f2dacdd4ad85f52dd1e16eebb006.doc
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://krossfight.eu/trustmebaby/gate.php
-
payload_url
http://www.conteudosdigitais.org/calc.exe
http://autohaus-gutmann.de/calc.exe
http://firstdive.co.kr/calc.exe
Targets
Target
3d53b54d98e14f9de2a2316fe09ee6b9fe27f2dacdd4ad85f52dd1e16eebb006
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-