General
- Target: 183e21cb0aceb87f0721202e9f9b7ef44bfe666db5955909e2d61cbcef843e68
- Size: 448KB
- Sample: 220608-wmqzfsafhj
- MD5: 7cfc6c7e531a5a96f05a192d056bf87c
- SHA1: fcd911a678dc1b6a2fd0558729868f6ebf83fd4b
- SHA256: 183e21cb0aceb87f0721202e9f9b7ef44bfe666db5955909e2d61cbcef843e68
- SHA512: 18de263d13eec4f2e671a3b1433356f14bf1f86e1547e75fce0c8d93fc66cbecf6bd87428fabb489b4699ca1bc58a3eb583d2c10cd9ff9092dc963610bf579bd
Static task: static1
Behavioral task: behavioral1
Sample: 183e21cb0aceb87f0721202e9f9b7ef44bfe666db5955909e2d61cbcef843e68.exe
Resource: win7-20220414-en
Malware Config
Extracted
pony
http://lignumpro.com/chief/panelnew/gate.php
Targets
- Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
- Deletes itself
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.