General
Target: 13ff26a28ba346cbdc33fc1d2fa1fe5dda098d70157787edb8108ade2c51f6d2
Size: 35KB
Sample: 221126-stwazade86
MD5: ddcee287470a39ef4fb20fd09ac6e27b
SHA1: 7ff64d8db01efd491b78a58c258824d94647359e
SHA256: 13ff26a28ba346cbdc33fc1d2fa1fe5dda098d70157787edb8108ade2c51f6d2
SHA512: 1a59dee344be0ffb4f6a9d489993c8423ab4c884093051f9cdca18a5b50f62df442c612b1ba4f9360fb35de9548e8b7ad1f80cb29de2d1d24bc4c8c865bcb0d2
SSDEEP: 768:CVU8/ocZkEqK33sMj9gFELBAixwW+hIVy1ROX/nbcuyD7U:y7AcZkxK68ALLcX/nouy8
Behavioral task: behavioral1
Sample: 13ff26a28ba346cbdc33fc1d2fa1fe5dda098d70157787edb8108ade2c51f6d2.exe
Resource: win7-20220812-en
Malware Config
Extracted
pony
http://livepage.comze.com/gate.php
http://livepage.comze.com/success.bat
Targets
Target
13ff26a28ba346cbdc33fc1d2fa1fe5dda098d70157787edb8108ade2c51f6d2
Deletes itself
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.