General
-
Target
5a6f7943666794dfd60c935da5580b5d78febc6e9dcf65360fb68d875a669afd
-
Size
359KB
-
Sample
221126-aebznsbf6t
-
MD5
54af7419ce9c75ae785439813891c953
-
SHA1
2c270f1f411028b559d53e1c07e7d63d47434e00
-
SHA256
5a6f7943666794dfd60c935da5580b5d78febc6e9dcf65360fb68d875a669afd
-
SHA512
32e0dae96d38f1fd297793fa3c8cec23ae399068eeb976b686f2ccc91c810db5d5dd87ade917ab662e5a786bb90c7742babb5e4e5cae2ad09009ee3042193ba9
-
SSDEEP
6144:haULim0ZUo8lX3LBFJ4XwgejB0RHZNTkFlY8jlX3LBFJ4XwgejB0RHZNTkFlY8L:hrem0ZUPX7nJ4XwRN0RHZNTkFW85X7nz
Static task
static1
Behavioral task
behavioral1
Sample
5a6f7943666794dfd60c935da5580b5d78febc6e9dcf65360fb68d875a669afd.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://91.220.163.32/p/gate.php
Targets
-
Target
5a6f7943666794dfd60c935da5580b5d78febc6e9dcf65360fb68d875a669afd
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-