General
-
Target
346104ae58dd335faa403a071536054f1eabedfb8cdb65b57448e173da2db2a6
-
Size
83KB
-
Sample
221127-m4vvasca44
-
MD5
abee4867a4424c721c3be0b505ab1b46
-
SHA1
63c51eabdc456a1ee77567376f3152ba232a5f22
-
SHA256
346104ae58dd335faa403a071536054f1eabedfb8cdb65b57448e173da2db2a6
-
SHA512
a6facc42d1b06a063ef7549858e183d40526c072b2ac6d5b293092d416597f7f96dcf429ffd9906b424ef1c1088c6ad4bc48175f7ee02bc9c5b8d07987f015da
-
SSDEEP
1536:HcuvU/5qTh+RKFOhZlzQY0sX5UwHQP1mOVtHEfTkzmP8Kg:LSEFOBQY0smUOfHEfLP8Kg
Behavioral task
behavioral1
Sample
346104ae58dd335faa403a071536054f1eabedfb8cdb65b57448e173da2db2a6.exe
Resource
win7-20221111-en
Malware Config
Extracted
pony
http://ahmed1337.in/phpgate/gate.php
-
payload_url
http://ahmed1337.in/phpgate/host.exe
Targets
-
Target
346104ae58dd335faa403a071536054f1eabedfb8cdb65b57448e173da2db2a6
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-