General
Target: bcd6d9b065433060c49e75cb9d44665a96274fa16cc91e864a9a635174fe69d4
Size: 127KB
Sample: 221120-jjdthagc6y
MD5: 239dfcb51df859ce1427e24eb20587a0
SHA1: 2c6b9210ba7ba0b0087ff5169ef093d9970f7556
SHA256: bcd6d9b065433060c49e75cb9d44665a96274fa16cc91e864a9a635174fe69d4
SHA512: 840d18958fded2849ab81456b23add95fd90f317f48673dd00bfce0704a77b90add964e72896f9748fec5d3a747dfe04ce3635f24bacf571f646307d1510f287
SSDEEP: 1536:QawJYA/uaIF+ujgHgD2VDkkIFlgwFT5III5F8m3N3Plfxu:mJYwuBXjgIUjsl7FT6VFJ3xu
Static task: static1
Behavioral task: behavioral1
Sample: bcd6d9b065433060c49e75cb9d44665a96274fa16cc91e864a9a635174fe69d4.exe
Resource: win7-20221111-en
Malware Config
Extracted config: pony
http://rolex211.8s.nl/po/gate.php
http://rolex212.8s.nl/po/gate.php
http://rolex213.8s.nl/po/gate.php
Targets
- Checks computer location settings: looks up the country code configured in the registry, likely used as a geofence check.
- Deletes itself
- Accesses Microsoft Outlook accounts
- Accesses Microsoft Outlook profiles
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.