General
-
Target
eb26ef3e65443f120c41220f7ab8ecba7fa5513c7c130f4e21f6c81686d79cf0
-
Size
56KB
-
Sample
221126-k3gj6sfg85
-
MD5
519e624d234dc9502c96c703398aa0d7
-
SHA1
98c3c585d316db0bd931c4d3e5eaa7d34f24ae6d
-
SHA256
eb26ef3e65443f120c41220f7ab8ecba7fa5513c7c130f4e21f6c81686d79cf0
-
SHA512
7464a9228314e1682a959508864f9b3c158b831b3601ecad6c20cb227d841f0bd3b9e570f30ed1f2c48390ab3ca756690a5b42a348a7302dcf73bfedb84482c2
-
SSDEEP
1536:WMUwfbnamXyBNmGKrWoWJtMnouy8EIP9WvnrVv:W8amCmGKiHtMoutEM8rV
Behavioral task
behavioral1
Sample
eb26ef3e65443f120c41220f7ab8ecba7fa5513c7c130f4e21f6c81686d79cf0.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://www.skshospitality.in/authentication/panel/gate.php
Targets
-
-
Target
eb26ef3e65443f120c41220f7ab8ecba7fa5513c7c130f4e21f6c81686d79cf0
-
Size
56KB
-
MD5
519e624d234dc9502c96c703398aa0d7
-
SHA1
98c3c585d316db0bd931c4d3e5eaa7d34f24ae6d
-
SHA256
eb26ef3e65443f120c41220f7ab8ecba7fa5513c7c130f4e21f6c81686d79cf0
-
SHA512
7464a9228314e1682a959508864f9b3c158b831b3601ecad6c20cb227d841f0bd3b9e570f30ed1f2c48390ab3ca756690a5b42a348a7302dcf73bfedb84482c2
-
SSDEEP
1536:WMUwfbnamXyBNmGKrWoWJtMnouy8EIP9WvnrVv:W8amCmGKiHtMoutEM8rV
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-