General
Target: 9dc3402992dcee334e7dd20afd97a43a2f881a46283679a765184ea17dcd1a5d
Size: 76KB
Sample: 221002-px9e8aghdp
MD5: 6368a5a850d9ba1dba328868de447790
SHA1: 68d1389e4d37465a357b0fa1486f1f3b5ae8fae5
SHA256: 9dc3402992dcee334e7dd20afd97a43a2f881a46283679a765184ea17dcd1a5d
SHA512: 2b336a54c4a0d9d6f0e243b3b1ccdded65341a9e4a7570a0253f63684f3ca73fd607293da8ad8693eb0d1b04fa8837dc4bc470326b42d69accdbfe30df8ea00a
SSDEEP: 1536:jElSsPO6oNBKPofhVlmbJv0f2ZBo76gQiJJLQ:j8K6YaYneS2Ze6P4U
Static task: static1
Behavioral task: behavioral1
Sample: 9dc3402992dcee334e7dd20afd97a43a2f881a46283679a765184ea17dcd1a5d.exe
Resource: win7-20220812-en
Malware Config
Extracted
pony
http://alternativescrucial.org/js/gate.php
Targets
Checks computer location settings
Looks up country code configured in the registry, likely for geofencing.

Deletes itself

Accesses Microsoft Outlook accounts

Accesses Microsoft Outlook profiles

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.