General
-
Target
26f8be44ab2f01909be3e34cb66983c39e3be73591cce6bbdbf6d948c6786e9d
-
Size
199KB
-
Sample
221125-3v96maah6s
-
MD5
047ba2678d39479a95cd9c7281abd773
-
SHA1
6a9313f6ca1e725eba3997fa51d7f4e019a2bc41
-
SHA256
26f8be44ab2f01909be3e34cb66983c39e3be73591cce6bbdbf6d948c6786e9d
-
SHA512
997e2dd68b12cf2a6b0d7e05def221a8e573809a54896fc69bffbc89a2334c368ee265a17996b763e64b1db972cccb783d9918a8520952b180d1e33d5e6ce126
-
SSDEEP
3072:RCJ11fpRe6j/b2aLPbpBqrVw1DilnRF2R:cJ11fpA6jbNbbpBq6Mn3O
Static task
static1
Behavioral task
behavioral1
Sample
26f8be44ab2f01909be3e34cb66983c39e3be73591cce6bbdbf6d948c6786e9d.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://westechi-inc.com/plain/mega/gate.php
-
payload_url
http://westechi-inc.com/plain/mega/shit.exe
Targets
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext