General
Target: 271c55200556b59a200a324d2396fd915b4a1196ff695df3324837e1dfeed02d
Size: 198KB
Sample: 221126-sf8ddace62
MD5: 53710f0860d03137504a072e76d3f036
SHA1: 7b4912ad92ca95231ad4b45bf33e5a6c66be1750
SHA256: 271c55200556b59a200a324d2396fd915b4a1196ff695df3324837e1dfeed02d
SHA512: ee547fa3f1cde33fbd657209e7454ad7deef82313e27f7841b43581d244094cc39435bbd7355685ba7b9f1476f91e79a6d9ca5a0155db5d06aee9845802d34fc
SSDEEP: 3072:yoWPI/I3Jl6GB93t0BYrAzww9IwbFG7qyFd6FQPz3kG:ynPdlV3t0zww9tsqyFsS7B
Static task: static1
Behavioral task: behavioral1
  Sample: 271c55200556b59a200a324d2396fd915b4a1196ff695df3324837e1dfeed02d.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 271c55200556b59a200a324d2396fd915b4a1196ff695df3324837e1dfeed02d.exe
  Resource: win10v2004-20221111-en
Malware Config
Extracted: pony
  http://188.166.15.172/pony//gate.php
Targets
Target: 271c55200556b59a200a324d2396fd915b4a1196ff695df3324837e1dfeed02d
Size: 198KB
MD5: 53710f0860d03137504a072e76d3f036
SHA1: 7b4912ad92ca95231ad4b45bf33e5a6c66be1750
SHA256: 271c55200556b59a200a324d2396fd915b4a1196ff695df3324837e1dfeed02d
SHA512: ee547fa3f1cde33fbd657209e7454ad7deef82313e27f7841b43581d244094cc39435bbd7355685ba7b9f1476f91e79a6d9ca5a0155db5d06aee9845802d34fc
SSDEEP: 3072:yoWPI/I3Jl6GB93t0BYrAzww9IwbFG7qyFd6FQPz3kG:ynPdlV3t0zww9tsqyFsS7B
Score: 10/10
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Adds Run key to start application
- Suspicious use of SetThreadContext