General
-
Target
e92392549af07d467fe36c5769aee3491563d90845b137d2b04bb5a3eb8e977e
-
Size
1.0MB
-
Sample
221127-p7enladc71
-
MD5
1af88a496b6891f6db6e681cb8548d76
-
SHA1
29f9faf4b4e8702314c2e733df7f0c4d6a506f76
-
SHA256
e92392549af07d467fe36c5769aee3491563d90845b137d2b04bb5a3eb8e977e
-
SHA512
4f0ba07ba261bd835d39ae95324e3eb361d42310c66f86159a508fc735d822420c6b482d54efded9149bc172da3cc066dc4f1d89decd25dbbb6918a83aed3717
-
SSDEEP
24576:83SeudJkK2S1dcBoaEGLPnSb23Fg4ZjGmQeRoAzs/X0SJeYDhx:gK2Som8S6FwAUlsYNx
Static task
static1
Behavioral task
behavioral1
Sample
e92392549af07d467fe36c5769aee3491563d90845b137d2b04bb5a3eb8e977e.exe
Resource
win7-20221111-en
Malware Config
Extracted
pony
http://94.102.51.61/p/gate.php
Targets
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-