General
-
Target
62acb51af882ee10c844400be8026cbe614907ac2eac410dce726729fc4f4263
-
Size
181KB
-
Sample
221124-e6el4ace9w
-
MD5
2b5704aa3e0bcf5bd98b9a1a92f06554
-
SHA1
56cfb955e597255c07a2d8e46709f5de905a6cda
-
SHA256
62acb51af882ee10c844400be8026cbe614907ac2eac410dce726729fc4f4263
-
SHA512
d09c09759a75aba3fb2a1397d6fbc1001813c101d9039538cf772da5abf84996b2f4a161d00964fba8e31c881ba13976e55f86141f4d6a77ee728598d800fa9b
-
SSDEEP
3072:ba+HomFRQ0qd1j9Hdyev3Hq3/lSV3z4q4cz:++HhDUf9/v3K/4hz4zc
Static task
static1
Behavioral task
behavioral1
Sample
62acb51af882ee10c844400be8026cbe614907ac2eac410dce726729fc4f4263.exe
Resource
win7-20221111-en
Malware Config
Extracted
pony
http://botsworkingnets.net/Panel/gate.php
Targets
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-