General
Target: d92eb31140ffea3f26ea400d02a68266
Size: 171KB
Sample: 240320-s7fsfaca62
MD5: d92eb31140ffea3f26ea400d02a68266
SHA1: 6d638b6f85c8c8424e4821da12bf6806c69e41b7
SHA256: 2e11e87291e15ab2629ca60eb2dac058a5d3fee2f0ed95daaeeace0b4921120c
SHA512: 9ba277c49916b192fed22d9740cce84c2cd09977871c0c6c0e6c392f5bdefdf9ef8d56d7592af46d6b017391bd1a596e0a6979d78a3ff3e422e74dee747e62b4
SSDEEP: 3072:XbGF7n37/e4wNzj8lFqaf7EF3yyW3NxrlO+K/veBsLc:CJ3TeB387lTEiyMtO+K6
Static task: static1
Behavioral task: behavioral1
Sample: d92eb31140ffea3f26ea400d02a68266.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: d92eb31140ffea3f26ea400d02a68266.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
pony
http://108.166.65.182:8080/pony/gate.php
http://199.192.203.139/pony/gate.php
payload_url
http://ghivece-gradina.ro/a1A.exe
http://parapunov.com/F4nzCV.exe
Targets
Target: d92eb31140ffea3f26ea400d02a68266
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.