General
Target: e07c4eef138bfd24a0f082a9fd0fd11f
Size: 194KB
Sample: 240327-b9ybtscf8s
MD5: e07c4eef138bfd24a0f082a9fd0fd11f
SHA1: 6c742601efb2dfbd7226f3897ba9b5133feebf7b
SHA256: 6b10dad38bb45d2003d850e5c6d2ae5eda2ecff337719f44c8e32f1f634cfb0d
SHA512: 483496e80a3521f3bf99c31d7de7a88cc102e0b04e47ca0f0a70993464f3a21c7810081a2aaa72aef546b1d0bd0e544938cb5bf00de355f481c7d90bccb54121
SSDEEP: 3072:FkDHMwuH5OGVcDuDR4KZJpARUt6iSByWpWfY:F+swxDuF4KZJpbCByoWfY
Static task: static1
Behavioral task: behavioral1
Sample: e07c4eef138bfd24a0f082a9fd0fd11f.exe
Resource: win7-20240221-en
Malware Config
Extracted
pony
http://node01.geoborders.net:8080/forum/viewtopic.php
http://91.121.1.54:8080/forum/viewtopic.php
http://72.243.190.162:8080/forum/viewtopic.php
http://sms.theliontel.com:8080/forum/viewtopic.php
payload_url
http://www.spec06.dircon.co.uk/oH5HG1X.exe
http://thevermontcup.com/K0KApXsj.exe
http://badzo.biz/ZYH.exe
Targets
Target: e07c4eef138bfd24a0f082a9fd0fd11f
Accesses Microsoft Outlook accounts

Accesses Microsoft Outlook profiles

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.