General
Target: 3f2ee0c351d69881093345327a161de9e896dcf2d70c6db2a1b5de594db37dff
Size: 865KB
Sample: 220521-pxvbasbddn
MD5: a27ec6697bb04491e94af81246efa3be
SHA1: 5eb064c555545181d2db0e166ef63cf3d6453991
SHA256: 3f2ee0c351d69881093345327a161de9e896dcf2d70c6db2a1b5de594db37dff
SHA512: b63555bcba1126af64e6643949b89467b9f6683526352b26664d5c9cf495cf563cca5d84deeecb10f6e32955f9a6b70c0b46c2f46ff861039f821bf88acb8206
Static task: static1
Behavioral task: behavioral1
Sample: TuN8dYhe3q4E2nP.exe
Resource: win7-20220414-en
Malware Config
Extracted
pony
http://seabreezeapartments.co.uk/bb/panelnew/gate.php
Targets
Target: TuN8dYhe3q4E2nP.exe
Size: 954KB
MD5: 90b37416f92cf65d79794c170169b116
SHA1: d40c944e9c90dd6563651ccf6f9cfadd74279e81
SHA256: 62dfd6f1e26aaad4c5efc61482f969cf6f73e6ad54c11c93f02ca14eadf157ab
SHA512: ee1251233aea99f826f4fd81f9d77cbf573223a1a5ecadd6d2b04c91f39670c07eed911023a6cf99a36a309a44358bed7e17e0910f22301e72ba3159a822e94b
Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
Deletes itself
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext