General
-
Target
971443aa3efcab7657935b3346d329d957612209f634bbda0203376dddf15512.exe
-
Size
240KB
-
Sample
220521-yhzf5sgcbl
-
MD5
5a55e6c092cf553188e2f6d8beefe93f
-
SHA1
e273a97c430dff0097d37417c302f46fc6a85027
-
SHA256
971443aa3efcab7657935b3346d329d957612209f634bbda0203376dddf15512
-
SHA512
02ca726dcf1158777fb6398d2af1b2bba7a51d6e3378079bfa1ed631fe0bb28ff92e07ca566021493bcf800c5adb95dec44a9c550849f664aff20e640e6e869b
Static task
static1
Behavioral task
behavioral1
Sample
971443aa3efcab7657935b3346d329d957612209f634bbda0203376dddf15512.exe
Resource
win7-20220414-en
Malware Config
Extracted
pony
http://azbex.com/sydney/panelnew/gate.php
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-