General
-
Target
f79ee7729c1390ad330d23112d7bebafa1241d966d23d1bf935c0967ab94301d
-
Size
128KB
-
Sample
221125-awdvladb6s
-
MD5
bf3bed02c44f045d89f6cf081d621788
-
SHA1
b787ae94ee14d72feee21638c88cc400a69b9887
-
SHA256
f79ee7729c1390ad330d23112d7bebafa1241d966d23d1bf935c0967ab94301d
-
SHA512
adbec4b8addfff66d0d045aace090b4533bfff38ddf8b3883b5acca35763487a000c866dca19b779a639d7b66d347e7ee26ed96f34e8ab26420651e6a84e4812
-
SSDEEP
1536:mY46WcKMhgGpsQvGM1BkeLUpDl9oisgi1NQ40Qqh2r24YeYVGsmmyxAnLlUz:D4hahgGpsQ/tLUFtsgiUtlK2TezhJ2+
Static task
static1
Behavioral task
behavioral1
Sample
f79ee7729c1390ad330d23112d7bebafa1241d966d23d1bf935c0967ab94301d.exe
Resource
win7-20221111-en
Malware Config
Extracted
pony
http://comixalex.freeiz.com/alx/gate.php
Targets
-
-
Target
f79ee7729c1390ad330d23112d7bebafa1241d966d23d1bf935c0967ab94301d
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-