General
-
Target
67d74181d8b1f1a665308a09cb25f33825ae3c8ebc0a16a15fae01fca6cf6c86
-
Size
940KB
-
Sample
221127-m4bresbh88
-
MD5
0fe6f9e97db43d41852fe5bdf72e3997
-
SHA1
2dc15e75791ce26a0b38ca0ecddd577567034507
-
SHA256
67d74181d8b1f1a665308a09cb25f33825ae3c8ebc0a16a15fae01fca6cf6c86
-
SHA512
2e4408fc37e19c6b52d4c7291b7564235a018c1cd498c6e5a1bd3916e101b98b6f78c96ccd2a7a1dc4a19cbb5ee05315316303d812ab7109a185bb37bbc6d461
-
SSDEEP
12288:Gtb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSga/7FcB4+76A:Gtb20pkaCqT5TBWgNQ7azQ76A
Static task
static1
Behavioral task
behavioral1
Sample
67d74181d8b1f1a665308a09cb25f33825ae3c8ebc0a16a15fae01fca6cf6c86.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
67d74181d8b1f1a665308a09cb25f33825ae3c8ebc0a16a15fae01fca6cf6c86.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
pony
http://clan.edu.co/hotel/management/Panel/gate.php
-
payload_url
http://clan.edu.co/hotel/management/Panel/upd.exe
Targets
-
-
Target
67d74181d8b1f1a665308a09cb25f33825ae3c8ebc0a16a15fae01fca6cf6c86
-
Size
940KB
-
MD5
0fe6f9e97db43d41852fe5bdf72e3997
-
SHA1
2dc15e75791ce26a0b38ca0ecddd577567034507
-
SHA256
67d74181d8b1f1a665308a09cb25f33825ae3c8ebc0a16a15fae01fca6cf6c86
-
SHA512
2e4408fc37e19c6b52d4c7291b7564235a018c1cd498c6e5a1bd3916e101b98b6f78c96ccd2a7a1dc4a19cbb5ee05315316303d812ab7109a185bb37bbc6d461
-
SSDEEP
12288:Gtb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSga/7FcB4+76A:Gtb20pkaCqT5TBWgNQ7azQ76A
Score10/10-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-