General
-
Target
4415a4da99f3fc52b9beb1ea9a79376b1aa527e1652322e555122801e577e6ac
-
Size
116KB
-
Sample
221129-lffj2aac8y
-
MD5
18b82b1b34dd76bac0484dc6eae48f20
-
SHA1
1a090954dbaae5d63f4681a25fb3fd2b3663b34d
-
SHA256
4415a4da99f3fc52b9beb1ea9a79376b1aa527e1652322e555122801e577e6ac
-
SHA512
8020bd41c2a804433cfd8db2dd4a59bbcfba1884695b899745db1de66587a5ccbb6c7bb691e20f8ce60f3b417c05b276c21bf7314c97a7ea6fe493625de11568
-
SSDEEP
3072:NkcYYyVfXM7Qka2ZobKi7BmMICrNufVQy:mH2Z1itm/QNudQ
Static task
static1
Behavioral task
behavioral1
Sample
4415a4da99f3fc52b9beb1ea9a79376b1aa527e1652322e555122801e577e6ac.exe
Resource
win7-20221111-en
Malware Config
Extracted
pony
http://watch-fp.biz/forum/viewtopic.php
http://watch-fp.ca/forum/viewtopic.php
http://watch-fp.com/forum/viewtopic.php
http://watch-fp.info/forum/viewtopic.php
-
payload_url
http://www.bettergraphs.com/Q7MkZ.exe
http://ftp.ehlrentacar.mx/YCXM8tL.exe
http://173.192.39.2/R6q4jNb.exe
http://dilros.ru/RkcYWXjw.exe
Targets
-
-
Target
4415a4da99f3fc52b9beb1ea9a79376b1aa527e1652322e555122801e577e6ac
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-