General
-
Target
d4f57cd11a6a304822a950c087c17a8b29460dc499931a9fc6913be2b9291af9
-
Size
102KB
-
Sample
221125-3bsr8shb7y
-
MD5
b47064891078439dadf503a4ffd118fc
-
SHA1
1a4b6d26f43e57641bfcff3008e3078544f369b4
-
SHA256
d4f57cd11a6a304822a950c087c17a8b29460dc499931a9fc6913be2b9291af9
-
SHA512
dc131b637e36ae446947c3f48226cb2218a01b296c6eba9c607c2cedbe59489f4344e5cf2f893dd5e753e4e28540ab26a4e97f7f3b964c838901f38ab3d46db4
-
SSDEEP
1536:ScETjK5IcfEoA+FQjivLGNmSqYRgx9CDkxTc+4346VO9bPZ3Ne3FV:3CjK5buuDGQ1Cgx9CDCG346VO1PZ3Ne
Static task
static1
Behavioral task
behavioral1
Sample
d4f57cd11a6a304822a950c087c17a8b29460dc499931a9fc6913be2b9291af9.exe
Resource
win7-20221111-en
Malware Config
Extracted
pony
http://115.47.49.181/xSZ64Wiax/ojXVZBxRQVfp6gAUziCGnB8V7Aikbs0Z.php
Targets
-
Target
d4f57cd11a6a304822a950c087c17a8b29460dc499931a9fc6913be2b9291af9
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-