General
-
Target
db23286e4d43184053425ed0aa94a3b3715ec255e9e26c45175d537b4fa7612e
-
Size
2.4MB
-
Sample
230627-a4l6yadd9s
-
MD5
e0880d33ad59303ecefb104fc968b130
-
SHA1
df1ed75c3c9e1c2a4e4ccb54ed77b5b784ebd9f4
-
SHA256
db23286e4d43184053425ed0aa94a3b3715ec255e9e26c45175d537b4fa7612e
-
SHA512
c4c21da02f9fa47fdba1a1ca2d91ba5b5f3a0e7b389cd56af5ac944237df61e3b1e76f158285de535bac2c320b71bb41cd024db13693df4c9b315a52ae994df4
-
SSDEEP
24576:F2OTeFxvKLuoucZybHXMDg2cQV09aoz25OVn3GuQ5Y3h3js9s3QeH:bTux6ZT0sozGK3Ns9s37H
Static task
static1
Behavioral task
behavioral1
Sample
db23286e4d43184053425ed0aa94a3b3715ec255e9e26c45175d537b4fa7612e.exe
Resource
win7-20230621-en
Malware Config
Extracted
pony
http://200.72.183.54:81/pony/gate.php
http://91.121.84.204:8080/pony/gate.php
-
payload_url
http://hotelsatmatheran.com/0Pvo9Hnu/EpJbWNWD.exe
http://arteyciencia.es/AUq5p7Sm/4VLks.exe
Targets
-
-
Target
db23286e4d43184053425ed0aa94a3b3715ec255e9e26c45175d537b4fa7612e
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-