General
-
Target
8a53a2d1da5f67f2bee1aa591e3c5309943ff4fd7d1463060ce4983d6828f308
-
Size
95KB
-
Sample
221003-bcpy7ahhb4
-
MD5
62b4059f5b21fed0a44ac0cafb6ec3bb
-
SHA1
ef3a36c64e6b589b7b1294d23a031a9e8777b634
-
SHA256
8a53a2d1da5f67f2bee1aa591e3c5309943ff4fd7d1463060ce4983d6828f308
-
SHA512
6ba84cddf2bc564ad7d46b1f5446a610285a3c61b5d35a6cd5d3080d19aaa17c9fb6ed895094dd0e7fdbe71c0bb4e23a3e01e36fa03cb10bbf6e57f94b8709fe
-
SSDEEP
1536:EZ671dmSAeZO/ZBLwUTcyjaIhtziuj7D+jz8Nl3ldPpZs7WLSFXQvVA2ctrPu:E61lOR8y2szvajwnV7QYU6ZcJP
Static task
static1
Behavioral task
behavioral1
Sample
8a53a2d1da5f67f2bee1aa591e3c5309943ff4fd7d1463060ce4983d6828f308.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://sekshaha.info/gate.php
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-