General

Target: d76beb74b29c207da94a4943eac5bfbd
Size: 144KB
Sample: 240320-afb13aca7v
MD5: d76beb74b29c207da94a4943eac5bfbd
SHA1: e8c1eb23fa37eec26f88094c2de5352afb084f8e
SHA256: 33a967419ac558592128710bbd2a5a45238f86aba3d689d10a21045336628de9
SHA512: 8b50c50640d5dc14cf0f7f210756f11b166bebbd599831b14b5e15bf51acde10365fc5c9a89b6d46b590fca1e9782d8a0634d7b02ca9120926579d9354f46ddb
SSDEEP: 3072:0jlKZelTDcHbSnCZYoB1rLAxgutQb0HdUyY6CpaJFsZLoYHY:4wel4Sn8YoLLVrbwzuaj2rH

Static task: static1
Behavioral task: behavioral1
Sample: d76beb74b29c207da94a4943eac5bfbd.exe
Resource: win7-20240215-en

Malware Config

Extracted: pony
http://74.53.97.66:8080/forum/viewtopic.php
http://74.53.97.67:8080/forum/viewtopic.php
payload_url:
http://orion.obidigital.net/d09ZhGf.exe
http://ftp.lastraautosport.com.ar/xjH.exe
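The extracted configuration gives the two URLs the Pony config extractor reported the sample checking in to, plus two URLs it fetches further executables from. The Python below is an example added here, not code from the report or from the sandbox, that turns those indicators into Suricata rules and checks them against a few proxy log lines. The four URLs are copied from the report; the rule SIDs, the log format, the log lines and the rule labels are assumptions made for illustration.

```python
"""Network detections built from the Pony config above.

Added example, not part of the sandbox report. The URLs are taken from the
report; SIDs, the proxy log format and the log lines are constructed.
"""
from urllib.parse import urlparse

# Indicators copied from the extracted configuration on this page.
PONY_C2_URLS = [
    "http://74.53.97.66:8080/forum/viewtopic.php",
    "http://74.53.97.67:8080/forum/viewtopic.php",
]
PAYLOAD_URLS = [
    "http://orion.obidigital.net/d09ZhGf.exe",
    "http://ftp.lastraautosport.com.ar/xjH.exe",
]


def split_url(url):
    """Return (host, port, path) for an http(s) URL; port defaults to 80/443."""
    p = urlparse(url)
    default = 443 if p.scheme == "https" else 80
    return p.hostname, p.port or default, p.path


def suricata_rules(urls, label, first_sid):
    """One Suricata rule per URL, keyed on the Host header and the request URI.

    The http.host buffer never carries the port, so the port goes in the rule
    header instead. first_sid is an assumed starting SID in the local-rule
    range (1000000 and up).
    """
    rules = []
    for i, url in enumerate(urls):
        host, port, path = split_url(url)
        rules.append(
            'alert http $HOME_NET any -> any %d ('
            'msg:"%s %s"; flow:established,to_server; '
            'http.host; content:"%s"; '
            'http.uri; content:"%s"; '
            'classtype:trojan-activity; sid:%d; rev:1;)'
            % (port, label, host, host, path, first_sid + i)
        )
    return rules


def match_proxy_log(lines, urls):
    """Return (line_no, ioc_url) for each log line that requests one of the URLs.

    Assumed (constructed) log format: '<timestamp> <client_ip> <method> <url> <status>'.
    Comparison is on (host, port, path), so a query string appended to the
    request or different case in the host name does not hide a hit.
    """
    wanted = {split_url(u): u for u in urls}
    hits = []
    for n, line in enumerate(lines, 1):
        fields = line.split()
        if len(fields) < 5:
            continue
        key = split_url(fields[3])
        if key in wanted:
            hits.append((n, wanted[key]))
    return hits


# Constructed proxy log: a C2 check-in, a payload download, a near-miss on the
# same host with a different path, and a benign request.
SAMPLE_LOG = [
    "2024-03-20T10:01:02Z 10.0.0.5 POST http://74.53.97.66:8080/forum/viewtopic.php 200",
    "2024-03-20T10:01:03Z 10.0.0.5 GET http://orion.obidigital.net/d09ZhGf.exe 200",
    "2024-03-20T10:01:09Z 10.0.0.7 GET http://74.53.97.66:8080/forum/index.php 404",
    "2024-03-20T10:02:00Z 10.0.0.9 GET http://example.com/ 200",
]

if __name__ == "__main__":
    for rule in suricata_rules(PONY_C2_URLS, "Pony C2", 1000001):
        print(rule)
    for rule in suricata_rules(PAYLOAD_URLS, "Pony payload download", 1000101):
        print(rule)
    for n, url in match_proxy_log(SAMPLE_LOG, PONY_C2_URLS + PAYLOAD_URLS):
        print("line %d: %s" % (n, url))
```

The rules match the Host header and URI separately rather than the full URL string, because Suricata's http.host buffer excludes the port and the client may append a query string; the log matcher applies the same (host, port, path) normalisation on both sides for the same reason.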
Targets

Target: d76beb74b29c207da94a4943eac5bfbd
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext (a common step in process hollowing and other code-injection techniques)
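Three of the signatures above are registry reads: the Outlook account and profile lookups are what Pony's mail-credential harvesting looks like, and the Uninstall key walk is software enumeration. The Python below is an example added here, not the sandbox's own signature logic, showing how to express that behaviour as a per-process correlation over registry-access events. The registry key patterns, the Outlook allowlist and the threshold are assumptions about what the signatures check (the report does not state the paths), and the event trace is constructed. The events model a sandbox API trace or EDR registry-read telemetry; Sysmon Event IDs 12 and 13 only cover key creation and value writes, not reads, so they are not sufficient on their own.

```python
"""Per-process correlation of the report's registry signatures.

Added example, not from the sandbox report. Key patterns, allowlist and
threshold are assumptions; the event trace is constructed.
"""
import fnmatch
from collections import defaultdict

# Assumed key patterns behind the Outlook and Uninstall signatures (matched
# case-insensitively). The leading * absorbs HKCU versus HKU\<SID>; the
# Uninstall pattern also matches the WOW6432Node view.
OUTLOOK_PATTERNS = (
    r"*\software\microsoft\windows nt\currentversion\windows messaging subsystem\profiles\*",
    r"*\software\microsoft\office\*\outlook\profiles\*",
)
UNINSTALL_PATTERN = r"*\microsoft\windows\currentversion\uninstall\*"

# Assumed allowlist of images that legitimately read Outlook profile data.
OUTLOOK_OWNERS = {"outlook.exe"}


def classify_key(key):
    """Map a registry path to one of the report's signature categories, or None."""
    k = key.lower()
    if any(fnmatch.fnmatchcase(k, p) for p in OUTLOOK_PATTERNS):
        return "outlook_profiles"
    if fnmatch.fnmatchcase(k, UNINSTALL_PATTERN):
        return "uninstall_enum"
    return None


def correlate(events, min_uninstall_subkeys=3):
    """Return (pid, image) for processes that read Outlook profile data and
    also touch at least min_uninstall_subkeys distinct Uninstall subkeys.

    Each event is a dict with pid, image, api and key, as a sandbox API trace
    or an EDR with registry-read telemetry would emit.
    """
    state = defaultdict(lambda: {"outlook": 0, "uninstall": set()})
    for ev in events:
        category = classify_key(ev["key"])
        if category is None:
            continue
        proc = (ev["pid"], ev["image"])
        if category == "outlook_profiles":
            state[proc]["outlook"] += 1
        else:
            state[proc]["uninstall"].add(ev["key"].lower())
    flagged = []
    for (pid, image), s in state.items():
        exe = image.rsplit("\\", 1)[-1].lower()
        if exe in OUTLOOK_OWNERS:
            continue  # Outlook itself reading its own profiles is expected
        if s["outlook"] and len(s["uninstall"]) >= min_uninstall_subkeys:
            flagged.append((pid, image))
    return flagged


SAMPLE_IMAGE = r"C:\Users\user\d76beb74b29c207da94a4943eac5bfbd.exe"
UNINSTALL = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"

# Constructed trace: the sample reads Outlook profile keys and walks three
# Uninstall subkeys; svchost only walks Uninstall; Outlook reads its own profile.
SAMPLE_TRACE = [
    {"pid": 1234, "image": SAMPLE_IMAGE, "api": "RegOpenKeyExW",
     "key": r"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook"},
    {"pid": 1234, "image": SAMPLE_IMAGE, "api": "RegQueryValueExW",
     "key": r"HKCU\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\Account1"},
    {"pid": 1234, "image": SAMPLE_IMAGE, "api": "RegOpenKeyExW", "key": UNINSTALL + r"\App1"},
    {"pid": 1234, "image": SAMPLE_IMAGE, "api": "RegOpenKeyExW", "key": UNINSTALL + r"\App2"},
    {"pid": 1234, "image": SAMPLE_IMAGE, "api": "RegOpenKeyExW", "key": UNINSTALL + r"\App3"},
    {"pid": 4321, "image": r"C:\Windows\System32\svchost.exe", "api": "RegOpenKeyExW", "key": UNINSTALL + r"\App1"},
    {"pid": 4321, "image": r"C:\Windows\System32\svchost.exe", "api": "RegOpenKeyExW", "key": UNINSTALL + r"\App2"},
    {"pid": 4321, "image": r"C:\Windows\System32\svchost.exe", "api": "RegOpenKeyExW", "key": UNINSTALL + r"\App3"},
    {"pid": 5555, "image": r"C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE", "api": "RegQueryValueExW",
     "key": r"HKCU\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\Account1"},
]

if __name__ == "__main__":
    for pid, image in correlate(SAMPLE_TRACE):
        print("flagged pid %d: %s" % (pid, image))
```

Requiring both behaviours from the same process keeps legitimate software inventory tools (which walk Uninstall constantly) and Outlook itself out of the alert; the threshold of three distinct Uninstall subkeys is an arbitrary starting point and should be tuned on real telemetry.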