General
- Target: 14c96c008de7fb6f4e52b488bedb63dd30b7c62232cec47a7faa4eb7c88b6ef4
- Size: 125KB
- Sample: 221125-vk5t6abh38
- MD5: a9cdd5647d87e9bcca3b033cc60882a9
- SHA1: ff40372c9e2891832a34c169185ba7171d414d41
- SHA256: 14c96c008de7fb6f4e52b488bedb63dd30b7c62232cec47a7faa4eb7c88b6ef4
- SHA512: bbff9258ccef31f39104a902a2e91964df637510dd28a881996277bf26cbfc35a12d1781af1753a66b094aa5947b9ae4adb678a96d0ff3cb70dcd7f3d2f6ba71
- SSDEEP: 3072:VxT2VAu3WNEwQVr8miUpCaPI/nj2bDGNJD4bidQDj:VxT2VT9pBiU9I/j2/GNB4bsU
Static task: static1
Behavioral task: behavioral1
- Sample: 14c96c008de7fb6f4e52b488bedb63dd30b7c62232cec47a7faa4eb7c88b6ef4.exe
- Resource: win7-20221111-en
Behavioral task: behavioral2
- Sample: 14c96c008de7fb6f4e52b488bedb63dd30b7c62232cec47a7faa4eb7c88b6ef4.exe
- Resource: win10v2004-20220812-en
Malware Config
Extracted: pony
- http://cordilleraescalera.com/images/2.gif/gate.php
- http://alabaisse.com/images/take.gif/gate.php
Targets
- Target: 14c96c008de7fb6f4e52b488bedb63dd30b7c62232cec47a7faa4eb7c88b6ef4
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext