General
-
Target
6bd85b343bc2343ff626f234b3fd067bb6807503856c90fea0f2916fc5b1ae1f
-
Size
595KB
-
Sample
221126-jkhh3scg58
-
MD5
187e823d21f4f97771aaba5317d47470
-
SHA1
df211400139ee9229a364dd78560bcf119057a8f
-
SHA256
6bd85b343bc2343ff626f234b3fd067bb6807503856c90fea0f2916fc5b1ae1f
-
SHA512
4d86ba93b158d5e6864485a420e636131a5036b9e06ec376a356b75434303397318749241f80591c6d0c0f502f973908c38d324cf910a87364e70a9409d33f00
-
SSDEEP
12288:ko0ZjcnNr3So4Ybgob0vSZcVm/IMnfiNAKrCVFcHaaq3J:kPZjcnxh4eIvFMIQ6PrCVkaaq5
Static task
static1
Behavioral task
behavioral1
Sample
6bd85b343bc2343ff626f234b3fd067bb6807503856c90fea0f2916fc5b1ae1f.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
6bd85b343bc2343ff626f234b3fd067bb6807503856c90fea0f2916fc5b1ae1f.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
pony
http://orangeisabitch.net16.net/gate.php
Targets
-
-
Target
6bd85b343bc2343ff626f234b3fd067bb6807503856c90fea0f2916fc5b1ae1f
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-