General
Target: da6bdcdf5a1bd5411c082a237bad82e5
Size: 159KB
Sample: 240321-cmk9eshd89
MD5: da6bdcdf5a1bd5411c082a237bad82e5
SHA1: dc6382c33c16cf0bae40195bc8dde8d99878ee22
SHA256: 34fa7142574ee18130928d02970a6bff972e45e42b04c071da44e75708bc3c5b
SHA512: 32586e5e72e89903d7a130066cd3e4007f30a7dbef000936bec4eec0525bb81b79fb28058c3e142779842bb6d5da60c11a63cdbddbdc39ae8d7f5a08d20ab67e
SSDEEP: 1536:m+Jb1ltgkxFWzlVUfieYxjLfkrreR0EqLTySQINtcABzuh/Cz60jjCE7Zk5wuKsW:tlOkryleYJ50E+yS/u50H9juKsW
Static task: static1
Behavioral task: behavioral1
Sample: da6bdcdf5a1bd5411c082a237bad82e5.exe
Resource: win7-20240221-en
Malware Config
Extracted
pony
http://ks384721.kimsufi.com:81/pony/gate.php
http://72.37.220.10:8080/pony/gate.php
payload_url
http://talentquest.com.mx/1MPj.exe
http://eqsync.com/48QUMsb.exe
http://apostagol1.web102.f1.k8.com.br/782V.exe
Targets
Target: da6bdcdf5a1bd5411c082a237bad82e5
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.