General
-
Target
54197190ca0d9da9f6ccf85b14eabdf02a50f25df2361894a18a00f21b8ec541N
-
Size
128KB
-
Sample
241103-jdy79axrhv
-
MD5
0f03aa0eb952549301205375157386b0
-
SHA1
ee7e38f07551013f3510aeb7b0215c395d286fb3
-
SHA256
54197190ca0d9da9f6ccf85b14eabdf02a50f25df2361894a18a00f21b8ec541
-
SHA512
5ad352acd6d7ef8af61189825278ffa62a137983624ed9f36dfdab8f93f040aa9f61e8e610364565f7c6520d1d4e46161844a8a4f3b847cec2db6d5bf06af7fd
-
SSDEEP
3072:eFF3wQ1kYCp/GzuubC3ZiGqcxYjH/4eBHs1I:aw9Tp/GDm3GBjH/zd
Static task
static1
Behavioral task
behavioral1
Sample
54197190ca0d9da9f6ccf85b14eabdf02a50f25df2361894a18a00f21b8ec541N.exe
Resource
win7-20240903-en
Malware Config
Extracted
pony
http://200.72.183.54:81/pony/gate.php
http://91.121.84.204:8080/pony/gate.php
-
payload_url
http://astrum-rybka.ru/CUyfRYaU/JrhtN.exe
http://hermesdiepenbeek.be/5sGmi7RJ/ZSY.exe
http://mysophiebiz.co.cc/m2bmBf3r/q1z.exe
Targets
-
-
Target
54197190ca0d9da9f6ccf85b14eabdf02a50f25df2361894a18a00f21b8ec541N
-
Pony family
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-