General
Target: aafba906695868b3bcaec773f53203ddfef3574b85c70885d9acc6884c457ca4
Size: 246KB
Sample: 221124-zr1agahf27
MD5: 4b83baee79dd31e770e5eb406063be83
SHA1: 71344f612f7322a2284a750cbfe06c90b3e93d19
SHA256: aafba906695868b3bcaec773f53203ddfef3574b85c70885d9acc6884c457ca4
SHA512: 7d96ddb2936b40f5e20a4d064c6e0a561406c15f8323281814c41a552b10dbe0f5268420677d5285ce06df52e25b72b7d6b23b51cae4bd96d339f17417a6d075
SSDEEP: 3072:u8uFb75u9PYM2eo9jOPaptz/2RnaUtyW/8n0L6gP52Lb+TojAI:D8PE9PCcPafzuRaRmz6eroL
Static task: static1
Behavioral task: behavioral1
Sample: aafba906695868b3bcaec773f53203ddfef3574b85c70885d9acc6884c457ca4.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: aafba906695868b3bcaec773f53203ddfef3574b85c70885d9acc6884c457ca4.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted family: pony
C2 URLs:
- http://174.143.147.168:8080/videoRama/googlestat.php
- http://199.255.116.12:8080/videoRama/googlestat.php
- http://173.237.187.203:8080/videoRama/googlestat.php
Targets
Target: aafba906695868b3bcaec773f53203ddfef3574b85c70885d9acc6884c457ca4 (same file as in General above)
Signatures
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.