General
Target: 422e0a530a13793c130c3a7e15048678fd7ce40a0e351cefd43b5b4d879189bc
Size: 991KB
Sample: 221127-r4zkpsac5s
MD5: d79e563b62b035ef50f186e60c9b1adb
SHA1: e52a82c8aa9c1a637a5b2798160e518bbe4a20d6
SHA256: 422e0a530a13793c130c3a7e15048678fd7ce40a0e351cefd43b5b4d879189bc
SHA512: 32cda7e9613e7aeeead30dd06f2691a61b30440d6d6b8bc0918fcc25757beddadedebd5f9160947aca33a5450bf7c20fabfc1edd0252d4385f5260f58eb26e98
SSDEEP: 24576:L86oi6oFwj1jYfNv8ewdVYOlBtxgLGctIv0nUiV:FPFwuN8fYABtLY5V
Static task: static1
Behavioral task: behavioral1
Sample: 422e0a530a13793c130c3a7e15048678fd7ce40a0e351cefd43b5b4d879189bc.exe
Resource: win7-20221111-en
Malware Config
Extracted
pony
http://94.102.51.61/p/gate.php
Targets
Target
422e0a530a13793c130c3a7e15048678fd7ce40a0e351cefd43b5b4d879189bc
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext