General
Target: 7bdbdd2a6bd8d1a96913b88eb7de3185fad06538d1f632160bbb17d3e21ff0d9
Size: 87KB
Sample: 221125-3wbdpaah6w
MD5: 805d4d75510ad46afff2d700e201b7ae
SHA1: 1d1932c880ebe3bc288bd089c2183d40cc2320a0
SHA256: 7bdbdd2a6bd8d1a96913b88eb7de3185fad06538d1f632160bbb17d3e21ff0d9
SHA512: 212a0c94a3d7f004f401656bdbbb6f326efca3e70c095c151a91e921616c3c3a7650833882bd1d0a05171dd317e0abf88054accda9b1d455d61c97d9796dccbf
SSDEEP: 1536:NAqQcEDng+g9cyVanHKWsJFvE8oOGlHpcWuPVtitsmlSa+aUyOeJ161guCMxKhjH:NEDg+g9cyUHtOFM9OGlpcWurY113uOMG
Static task: static1
Behavioral task: behavioral1
Sample: PO20150206H.exe
Resource: win7-20220901-en
Malware Config
Extracted
pony
http://westechi-inc.com/plain/mega/gate.php
payload_url: http://westechi-inc.com/plain/mega/shit.exe
Targets
Target: PO20150206H.exe
Size: 199KB
MD5: 047ba2678d39479a95cd9c7281abd773
SHA1: 6a9313f6ca1e725eba3997fa51d7f4e019a2bc41
SHA256: 26f8be44ab2f01909be3e34cb66983c39e3be73591cce6bbdbf6d948c6786e9d
SHA512: 997e2dd68b12cf2a6b0d7e05def221a8e573809a54896fc69bffbc89a2334c368ee265a17996b763e64b1db972cccb783d9918a8520952b180d1e33d5e6ce126
SSDEEP: 3072:RCJ11fpRe6j/b2aLPbpBqrVw1DilnRF2R:cJ11fpA6jbNbbpBq6Mn3O
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext