General
-
Target
8cc614914ae5b0fa525ebbb25abdceac061bcdd182a1eb3fd6bbc1545af1553e
-
Size
853KB
-
Sample
221126-e7mdbscb83
-
MD5
031bb5e3a8a912ebe1062c11626554ef
-
SHA1
777088c33921b36e6242ff972a7e157184cb7ff5
-
SHA256
8cc614914ae5b0fa525ebbb25abdceac061bcdd182a1eb3fd6bbc1545af1553e
-
SHA512
8571c313028723b2e333d433be4b0736fff189244dfed8ee3eafa2142f5edd11cdd964c149951674bbd03acb3fc9738727d6d7ed0ab49e4d468a0989118e6874
-
SSDEEP
6144:gXN1NM84buxCdPFsaS2cDDnB743okE/iKnMcYwhPAnXV/ZFuJQeWEZ6/:W1NM0QdNpkDl2EqKXPAnXV/8Qeh
Static task
static1
Behavioral task
behavioral1
Sample
8cc614914ae5b0fa525ebbb25abdceac061bcdd182a1eb3fd6bbc1545af1553e.exe
Resource
win7-20221111-en
Malware Config
Extracted
pony
http://oscanpro.favcc1.com/gate.php
Targets
-
-
Target
8cc614914ae5b0fa525ebbb25abdceac061bcdd182a1eb3fd6bbc1545af1553e
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-