General
Target: b391feb9708831ef6b6297c48b9eea031d0c7ac12ea6dc3c8d34d65715c73faa
Size: 199KB
Sample: 221125-v3ka6sce92
MD5: 47acd8fcc1e7e21423c6d70eb8c9e937
SHA1: e7e445626ed23ab9cc585788d3e2a7dcd2f29782
SHA256: b391feb9708831ef6b6297c48b9eea031d0c7ac12ea6dc3c8d34d65715c73faa
SHA512: 9b0ad070e87a1b929827e2bb44b66df03c910b5a8c9097bb41c4f979c08893541c54fdc0c631dea3fab2ed4616253e7b4f259e911730c13bbff5c3549ec163e3
SSDEEP: 6144:9iF/kdrlEiy76zSuGEu6JcEXfBvTCw9FsEpkKBFaMwdg:9iF/ujF2EXWEZLCSDR3a5
Static task: static1
Behavioral task: behavioral1
Sample: b391feb9708831ef6b6297c48b9eea031d0c7ac12ea6dc3c8d34d65715c73faa.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: b391feb9708831ef6b6297c48b9eea031d0c7ac12ea6dc3c8d34d65715c73faa.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
pony
http://havelisangeet.org/images/48repaewoe.php
Targets
Target
b391feb9708831ef6b6297c48b9eea031d0c7ac12ea6dc3c8d34d65715c73faa
Score: 10/10
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Adds Run key to start application
Suspicious use of SetThreadContext