General
-
Target
0378db3048784291ba7987a9874445b36b2ed6d363c1b79f7885ccb912903df4
-
Size
632KB
-
Sample
220528-annptsabd2
-
MD5
e7cc58ecff18406ec216bfa75016f18f
-
SHA1
a4e3fdea9daff124e6f9991b3dffaddc7282a709
-
SHA256
0378db3048784291ba7987a9874445b36b2ed6d363c1b79f7885ccb912903df4
-
SHA512
ee03f7a4be970ea396e3905ac4b18d66016008aede47962441418dbc726029fe0850aa9edf9a18a7f45b0b1800d7985d0fd7ce483b5ff1fcbc40adfaadf93709
Static task
static1
Behavioral task
behavioral1
Sample
0378db3048784291ba7987a9874445b36b2ed6d363c1b79f7885ccb912903df4.exe
Resource
win7-20220414-en
Malware Config
Extracted
pony
http://deips.com/p/panel/gate.php
-
payload_url
http://deips.com/p/panel/shit.exe
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.