General
Target: d9bf4fa7c8a2163b03003d174715bf10
Size: 150KB
Sample: 240320-y7xnvaab38
MD5: d9bf4fa7c8a2163b03003d174715bf10
SHA1: 3fe4197f6605ea56fbd36de745169aec955011ab
SHA256: 55ea4c81966bdeec6fc26b6b5578cd70f075dc017639c3624a18d09c6f84bc37
SHA512: eff581cd3feb6aac40a9feeacc5df8dfa81139a812dbfb117d2b351cc9471d07a4ecb9ed3ef82e46c81d4895cdfc2972d2cddb51e91fba6498c235b189113942
SSDEEP: 3072:ncu6l6anf8GvO7GpGjQ20gxe4RDHpIx1bdrWKrUi2Ockep:VTcxY5jnI4RDHm1bJW8ybd
Static task: static1
Behavioral task: behavioral1
Sample: d9bf4fa7c8a2163b03003d174715bf10.exe
Resource: win7-20240221-en
Malware Config
Extracted
pony
http://66.55.89.149:8080/forum/viewtopic.php
http://66.55.89.150:8080/forum/viewtopic.php
payload_url: http://masterbox.it/mscPMS4u/i3h.exe
Targets
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext