General
Target: 3c8ec69046d493318498fe07a8fbbff6a3be4916c957da7279bafda1af00d7d5
Size: 90KB
Sample: 220703-hv6g8ahggl
MD5: 3ed498815c680df4083bd6aa0b6a28fb
SHA1: 8a73e32e31166fbca108b24aa79b8036621a6d8d
SHA256: 3c8ec69046d493318498fe07a8fbbff6a3be4916c957da7279bafda1af00d7d5
SHA512: cff24eadf1900f37833a00f9c9c130e53f3673244de986b0a3fecadfecf9b644079de119fa67b3fd0e85c543ff63d6bca91f3c05f9947eab79ce5e43662657f6
Static task: static1
Behavioral task: behavioral1
Sample: 3c8ec69046d493318498fe07a8fbbff6a3be4916c957da7279bafda1af00d7d5.exe
Resource: win7-20220414-en
Malware Config
Extracted
pony
http://kasatus.se/blyeat/gate.php
payload_url: http://kasatus.se/blyeat/shit.exe
Targets
Target: 3c8ec69046d493318498fe07a8fbbff6a3be4916c957da7279bafda1af00d7d5

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Deletes itself

Accesses Microsoft Outlook accounts

Accesses Microsoft Outlook profiles

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.