General
-
Target
95abbcfb61b8cde05f69a06e1fc4e2ee1fe26635a1a352730878f043f86af103
-
Size
34KB
-
Sample
221028-2qskcaback
-
MD5
b584116bdf327df5eec290aa3ef69103
-
SHA1
62942105ac9cac9f8efdba76725848fd7788ab94
-
SHA256
95abbcfb61b8cde05f69a06e1fc4e2ee1fe26635a1a352730878f043f86af103
-
SHA512
590c8d26de7ea296a365f8975c0309977f1c92612246531ca8616fc19b64a3aa8597697ea709456a35fa9ef63e067eeccbf917d6bcbe7a301e1822cf0cdce1c9
-
SSDEEP
768:cwQ1t8dRamt9Ys823a39DjDq+wQt6Hvlies8jg+I/exm1R4K:FQPgamt9N3CmfRHvlxs8lI2c1RN
Behavioral task
behavioral1
Sample
95abbcfb61b8cde05f69a06e1fc4e2ee1fe26635a1a352730878f043f86af103.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://www.melodyhymns.com/Z1/bigmac/gate.php
Targets
-
-
Target
95abbcfb61b8cde05f69a06e1fc4e2ee1fe26635a1a352730878f043f86af103
-
Size
34KB
-
MD5
b584116bdf327df5eec290aa3ef69103
-
SHA1
62942105ac9cac9f8efdba76725848fd7788ab94
-
SHA256
95abbcfb61b8cde05f69a06e1fc4e2ee1fe26635a1a352730878f043f86af103
-
SHA512
590c8d26de7ea296a365f8975c0309977f1c92612246531ca8616fc19b64a3aa8597697ea709456a35fa9ef63e067eeccbf917d6bcbe7a301e1822cf0cdce1c9
-
SSDEEP
768:cwQ1t8dRamt9Ys823a39DjDq+wQt6Hvlies8jg+I/exm1R4K:FQPgamt9N3CmfRHvlxs8lI2c1RN
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-