General
-
Target
a012ea7953293c568c474301838e653c.exe
-
Size
401KB
-
Sample
230327-1z3agafe46
-
MD5
a012ea7953293c568c474301838e653c
-
SHA1
ffecf15fceb89c31b387e712155e582ec6ebf721
-
SHA256
f078ff57bfb8da5ccb26d1c77bffc97b4ce67f2eae7fb22d5a544ce8a28c8aa4
-
SHA512
5c8bfa8cb3e76d3a6b4ae0c7e6c5d6e863925965c45716a05d844fbc4169d3e33ab59eb507c0635ad9415b548b5e276ca78cae4d0701359c6ac01227f6734fcb
-
SSDEEP
6144:R0+VNlPdwzTzgnDbVeMMEI408lMRcH9QZpYcwIe9DkL3pR:qm3azXcMEI4FlMudQZsDU3pR
Static task
static1
Behavioral task
behavioral1
Sample
a012ea7953293c568c474301838e653c.exe
Resource
win7-20230220-en
Malware Config
Extracted
pony
http://parkinsworld.cf/parkins/gate.php
Targets
Target
a012ea7953293c568c474301838e653c.exe
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-