General
-
Target
82f46a48812986d4f3cf50270558a49b8b11b5469611f5297369c1984e65e8c0
-
Size
153KB
-
Sample
221201-clq4aaaa2v
-
MD5
6024c2e64ac52e5c7178cfe37d03a406
-
SHA1
b4747f78526f75909c9a8d73ff8087ec26df7b53
-
SHA256
82f46a48812986d4f3cf50270558a49b8b11b5469611f5297369c1984e65e8c0
-
SHA512
c8ee350b877ce0a85f607358e61e3e42026d8d5579011cfb4d71acfd09197cb201d7126052ceac8487361514bc4ec76cba98d5c4ed3caaea0c7e1a88e1eed0a6
-
SSDEEP
3072:d2jpmyvLmkRvO7GpGjQ20gxe4RDHpIx1bdrWKrUi2OckejJ:Y59Y5jnI4RDHm1bJW8yb
Behavioral task
behavioral1
Sample
82f46a48812986d4f3cf50270558a49b8b11b5469611f5297369c1984e65e8c0.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
82f46a48812986d4f3cf50270558a49b8b11b5469611f5297369c1984e65e8c0.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
pony
http://66.55.89.149:8080/forum/viewtopic.php
http://66.55.89.150:8080/forum/viewtopic.php
-
payload_url
http://masterbox.it/mscPMS4u/i3h.exe
Targets
-
-
Target
82f46a48812986d4f3cf50270558a49b8b11b5469611f5297369c1984e65e8c0
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-