General

Target: cad9eb5a91c9e7ba6582ca727173c48a77ae60939c8bfa875d6bc03bcce86e49
Size: 144KB
Sample: 221203-eppqqsda57
MD5: 715232b95f71fb77c170bf0ed526f250
SHA1: 2fd4c3f4c6988b4364a2d7f60b84ce182338ef29
SHA256: cad9eb5a91c9e7ba6582ca727173c48a77ae60939c8bfa875d6bc03bcce86e49
SHA512: c1be358f0e6720e85f38421acf1ef66b258b24daa07e5a2fde71204552136f043c314bd1be654d61120fd32916112f0eb7e92ecf18397a1105db8cd7d9152951
SSDEEP: 3072:s0IYwk7xA1Ifra36ZbYNgLV3XJBbKuMHiJgpaJDK0rvox2qUQs:nIYwkdra3UbYuFPbUJavrEs

Behavioral task

behavioral1
Sample: cad9eb5a91c9e7ba6582ca727173c48a77ae60939c8bfa875d6bc03bcce86e49.exe
Resource: win7-20220901-en

Malware Config

Extracted

pony
http://74.53.97.66:8080/forum/viewtopic.php
http://74.53.97.67:8080/forum/viewtopic.php

payload_url
http://entdeckeschweden.de/awk4jNK.exe
http://clubevidaboa.com.br/Skkos.exe
http://iglesiasdeldiosviviente.org/f2peMF.exe

Targets

Target: cad9eb5a91c9e7ba6582ca727173c48a77ae60939c8bfa875d6bc03bcce86e49

Accesses Microsoft Outlook accounts

Accesses Microsoft Outlook profiles

Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.

Suspicious use of SetThreadContext