General
Target: 9e97d5c9d090ee150ae8a223d083aaf412f1a654e305ba61d752cb2a0f715551
Size: 478KB
Sample: 221126-k24y3sfg75
MD5: d0218c97bdb136abcb214c81fcad316c
SHA1: 93a054c46ff0253c22abad6e449838f5422e6bff
SHA256: 9e97d5c9d090ee150ae8a223d083aaf412f1a654e305ba61d752cb2a0f715551
SHA512: faa8a605e3b73e53d23a461edea137289bf4497329f9bbadd700f2b280927ac0df0329dc67186ccd05b7635bc3f29062ea6abaa751bb9918be963f9925564063
SSDEEP: 6144:ZdSK04ETTZ+4TBpvjLCafVoe1qBJdeWR5cH7b6ZgA50mrjRY9XRv:ZoL4EnU4T/vjL6Jf5Q7G5trjy1Rv
Static task: static1
Behavioral task: behavioral1
  Sample: 9e97d5c9d090ee150ae8a223d083aaf412f1a654e305ba61d752cb2a0f715551.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 9e97d5c9d090ee150ae8a223d083aaf412f1a654e305ba61d752cb2a0f715551.exe
  Resource: win10v2004-20221111-en
Malware Config
Extracted family: pony
C2: http://weloveapple.org/cybercry/root/gate.php
The extracted URL is the Pony (Fareit) panel gate: the stealer reports harvested credentials to it by HTTP POST, so the host and the full URL are usable as network indicators for this sample.
Targets
Target: 9e97d5c9d090ee150ae8a223d083aaf412f1a654e305ba61d752cb2a0f715551 (size and hashes identical to the General section above)
Score: 10/10
Signatures:
- Uses the VBS compiler for execution (vbc.exe, the .NET Visual Basic compiler, is spawned; loaders typically use it as a benign-looking host process for injected code)
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles (registry-stored Outlook account and profile data is a standard Pony credential-harvesting target)
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext (combined with a suspended child process this is the process-hollowing pattern)
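The extracted config and the behavioral signatures above translate directly into host and network detections. The following Python is an added example and is not part of the sandbox report: it applies the report's gate URL as a network indicator, checks registry access against the well-known Outlook profile and account store paths that Pony-class stealers read, flags vbc.exe launched by a parent outside an assumed allowlist, and looks for the suspended-create / write / SetThreadContext / resume sequence that sits behind the SetThreadContext signature. The event and API-trace records are constructed here; their shape (dicts with type/image/parent_image/path/url and api/target_pid/flags keys) is an assumption about how a sandbox or EDR would export telemetry, not the report's own format.

```python
import re
from urllib.parse import urlsplit

# Indicators copied from the sandbox report.
PONY_GATE_URL = "http://weloveapple.org/cybercry/root/gate.php"
SAMPLE_SHA256 = "9e97d5c9d090ee150ae8a223d083aaf412f1a654e305ba61d752cb2a0f715551"
_GATE = urlsplit(PONY_GATE_URL)

# Registry locations where Outlook keeps profile/account data (well-known
# paths, not taken from the report); Pony-class stealers read these.
OUTLOOK_KEY_PATTERNS = [
    re.compile(r"\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows Messaging Subsystem\\Profiles\\", re.I),
    re.compile(r"\\Software\\Microsoft\\Windows Messaging Subsystem\\Profiles\\", re.I),
    re.compile(r"\\Software\\Microsoft\\Office\\\d+\.\d\\Outlook\\Profiles\\", re.I),
]

# Assumed allowlist of parents that legitimately launch the VB.NET compiler.
VBC_LEGIT_PARENTS = {"msbuild.exe", "devenv.exe", "dotnet.exe"}

CREATE_SUSPENDED = 0x4  # CreateProcess dwCreationFlags bit


def _basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].lower()


def is_pony_gate(url: str) -> bool:
    """Exact host+path match on the gate URL extracted from the sample."""
    u = urlsplit(url)
    return u.hostname == _GATE.hostname and u.path == _GATE.path


def is_outlook_profile_access(reg_path: str) -> bool:
    """True when a registry path falls under an Outlook profile/account store."""
    return any(p.search(reg_path) for p in OUTLOOK_KEY_PATTERNS)


def is_suspicious_vbc(image: str, parent_image: str) -> bool:
    """vbc.exe started by something other than a build tool."""
    return _basename(image) == "vbc.exe" and _basename(parent_image) not in VBC_LEGIT_PARENTS


def find_hollowing(api_trace):
    """Return target PIDs that were created suspended, written to, had their
    thread context replaced and were then resumed (process hollowing)."""
    stages = {}  # target pid -> stages observed so far
    hits = []
    for call in api_trace:
        api, pid = call["api"], call["target_pid"]
        seen = stages.setdefault(pid, set())
        if api in ("CreateProcessA", "CreateProcessW") and call.get("flags", 0) & CREATE_SUSPENDED:
            seen.add("suspended")
        elif api in ("WriteProcessMemory", "NtWriteVirtualMemory") and "suspended" in seen:
            seen.add("written")
        elif api in ("SetThreadContext", "NtSetContextThread") and "written" in seen:
            seen.add("context")
        elif api in ("ResumeThread", "NtResumeThread") and "context" in seen:
            hits.append(pid)
    return hits


def triage(events, api_trace=()):
    """Run all checks over telemetry records and return alert strings."""
    alerts = []
    for e in events:
        if e["type"] == "process" and is_suspicious_vbc(e["image"], e["parent_image"]):
            alerts.append("vbc.exe launched by " + _basename(e["parent_image"]))
        elif e["type"] == "registry" and is_outlook_profile_access(e["path"]):
            alerts.append("Outlook profile/account access: " + e["path"])
        elif e["type"] == "network" and is_pony_gate(e["url"]):
            alerts.append("Pony gate contact: " + e["url"])
    for pid in find_hollowing(api_trace):
        alerts.append(f"process hollowing pattern against pid {pid}")
    return alerts


# Constructed telemetry modelled on the report's signatures (paths/PIDs are made up).
SAMPLE_EVENTS = [
    {"type": "process", "image": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe",
     "parent_image": r"C:\Users\user\Desktop\9e97d5c9d090ee150ae8a223d083aaf412f1a654e305ba61d752cb2a0f715551.exe"},
    {"type": "process", "image": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe",
     "parent_image": r"C:\Program Files (x86)\MSBuild\14.0\Bin\MSBuild.exe"},
    {"type": "registry", "path": r"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001"},
    {"type": "registry", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"},
    {"type": "network", "method": "POST", "url": "http://weloveapple.org/cybercry/root/gate.php"},
    {"type": "network", "method": "GET", "url": "http://example.com/index.php"},
]
SAMPLE_API_TRACE = [
    {"api": "CreateProcessW", "target_pid": 1234, "flags": CREATE_SUSPENDED},
    {"api": "NtUnmapViewOfSection", "target_pid": 1234},
    {"api": "WriteProcessMemory", "target_pid": 1234},
    {"api": "SetThreadContext", "target_pid": 1234},
    {"api": "ResumeThread", "target_pid": 1234},
    {"api": "CreateProcessW", "target_pid": 1300, "flags": 0},
    {"api": "ResumeThread", "target_pid": 1300},
]

if __name__ == "__main__":
    for alert in triage(SAMPLE_EVENTS, SAMPLE_API_TRACE):
        print(alert)
```

The hollowing check is stateful on purpose: SetThreadContext alone is common in debuggers and some legitimate runtimes, so the sequence against a process the caller created suspended and wrote into is what separates the injection pattern from noise. The vbc.exe parent allowlist and the registry patterns are starting points to tune against your own environment's baseline.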