General
Target: 115301684a07d11965f145257a429d0f570e611b7eae16ae8fa55dd765849e2f
Size: 235KB
Sample: 221128-m2vrhsdc61
MD5: 4e5856d0d6766b4142f1e626fcbb415a
SHA1: 2c8e5a953047c0370c7fed8de5056f314261b928
SHA256: 115301684a07d11965f145257a429d0f570e611b7eae16ae8fa55dd765849e2f
SHA512: bf9f33bac7b831101ba86d56c23acb7b66ba95eed196d28b187cfceba9f8b755ee384a6395aaae12aeeff176d1208d6096bb1e703c7ced244a58f02dd375f7f7
SSDEEP: 6144:Hq6SZHJo1Gl8thITcY/Z01jxFUiPSsYSL:HqVZzghITj/+1tFUCL
Static task: static1
Behavioral task: behavioral1
Sample: 115301684a07d11965f145257a429d0f570e611b7eae16ae8fa55dd765849e2f.exe
Resource: win7-20221111-en
Malware Config
Extracted
pony
http://doctrashformater.com/gate.php
http://podvigtitanika.com/gate.php
http://tumanimoskal.com/gate.php
-
payload_url
http://moto.com.pl/components/com_content/views/category/tmpl/k1.exe
http://tabelacozumleri.com/wp-content/plugins/feedweb_data/k1.exe
http://rzpkoszalin.pl/images/k1.exe
http://gigsab.se/wp-content/plugins/feedweb_data/k1.exe
http://tefaltanwebs.com/wp-content/plugins/feedweb_data/k1.exe
Targets
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.