General
-
Target
86cb5cda1f6ec319e39158d61fc0cd36caf4d0c032db9915c969ed16901ef572
-
Size
114KB
-
Sample
221201-cjwkzsed36
-
MD5
18ed4273c90724e89b1e7a70e9d3c900
-
SHA1
1c3623a5878b8c603a3b353178cfcf32910924af
-
SHA256
86cb5cda1f6ec319e39158d61fc0cd36caf4d0c032db9915c969ed16901ef572
-
SHA512
fd6470b5e6139f96db0232e5d0f15d130a92ac5ae369aa37ac03c0e0b81e22d5a52b5a88affbc93ceddaf7fb2ade399f6e3789861506de546fbecfaa6e4fbc79
-
SSDEEP
3072:PX4sIiRGzJlGFE+qBN+iAeLVtgxlNqlX0dXTxlrQEAnsobbbbbbbjMiQnUT:PX4sGzfQE+UbtSjqlX0dj/QEofbbbbbL
Static task
static1
Behavioral task
behavioral1
Sample
86cb5cda1f6ec319e39158d61fc0cd36caf4d0c032db9915c969ed16901ef572.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://abes.net/forum/viewtopic.php
http://abesburger.com/forum/viewtopic.php
http://abescasualgrill.com/forum/viewtopic.php
http://abescasualgrill.info/forum/viewtopic.php
-
payload_url
http://bmsbangalore.com/aH56G0.exe
http://yogaworx.com.au/MwvBCVg.exe
http://maricart.eu/WnMb5bc.exe
http://68.71.47.70/pmYs.exe
Targets
-
-
Target
86cb5cda1f6ec319e39158d61fc0cd36caf4d0c032db9915c969ed16901ef572
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-