General
Target: 396bbb76b0072bca8e8dc20bee1c1a0a76f966644b070706b33b1332e464f2dc
Size: 48KB
Sample: 220625-mme3hsgffp
MD5: 5b2374499e26f600bced33ee159e92a4
SHA1: 1958570485ec9e31310b98f54c5c0cad07dc61fa
SHA256: 396bbb76b0072bca8e8dc20bee1c1a0a76f966644b070706b33b1332e464f2dc
SHA512: 8d1b4600756e7b629a4db1adbc42595c52872255e7c5023d1c6048c4dd082be316af2e9fc0d3d422cb35c2b8b1daf0e97fb8834b1270cb03405f214980ff1dbd
Behavioral task: behavioral1
Sample: 396bbb76b0072bca8e8dc20bee1c1a0a76f966644b070706b33b1332e464f2dc.exe
Resource: win7-20220414-en
Malware Config
Extracted
pony
http://sonatrach.us/otic/gate.php
Targets
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Deletes itself
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.