General
Target: dadcbbb2166372ecd1233c3fb9b02b29
Size: 172KB
Sample: 240321-gnlc2ada92
MD5: dadcbbb2166372ecd1233c3fb9b02b29
SHA1: ba534c8f6a9220e408b675de12c4ac908e6db02c
SHA256: a99fea064df4def0094b414104da16d4a2cc2ae3bfb6da482c336303a5200814
SHA512: d0c9b72a097675705fc1258851d6bdee577b7b7d92091758b6ce42e1772f63dbc97f2bb7d5d6a8e149dabb5aecc2e0c56ba159d4ebe4e7820c92023718663916
SSDEEP: 3072:jpXww2bG7/Tg2DmffDrbYHHf3xaW3ShYtNYKse9:ehSTTLmfbHe/haMSNKb
Static task: static1
Behavioral task: behavioral1
Sample: dadcbbb2166372ecd1233c3fb9b02b29.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: dadcbbb2166372ecd1233c3fb9b02b29.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
pony
http://108.166.65.182:8080/pony/gate.php
http://66.150.188.33/pony/gate.php
payload_url
http://bgdt.co.uk/2A3.exe
http://madeiras10.com.br/ZNg8uR.exe
http://aencuentro.com.ar/xc25nXp.exe
Targets
Target: dadcbbb2166372ecd1233c3fb9b02b29
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.