General
-
Target
8ece18d9b60d85a02aadadcaa170ad92457fcd735cd69059ef685c3de8c387d0
-
Size
129KB
-
Sample
221120-j16wlsha6z
-
MD5
334bbeb43873d5464982389df3821094
-
SHA1
61a8696cd2d12fe9f7e2eebb9726a168523fcf60
-
SHA256
8ece18d9b60d85a02aadadcaa170ad92457fcd735cd69059ef685c3de8c387d0
-
SHA512
fba22afcfc3cae551c883746ba7a507c909d4d4a3a99c0267470bb5ba9638b61bf40129944e6463bdb996d7e89d0868c692ac55820d3fe9c53aaadb9f8522d83
-
SSDEEP
3072:Klgw177mTmSMyyhOYOfSh2wnebvS8wTyoaii:KdwknZq82+/hyH
Static task
static1
Behavioral task
behavioral1
Sample
8ece18d9b60d85a02aadadcaa170ad92457fcd735cd69059ef685c3de8c387d0.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://62.173.139.212/forum/gate.php
Targets
-
Target
8ece18d9b60d85a02aadadcaa170ad92457fcd735cd69059ef685c3de8c387d0
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-