General
-
Target
ac3b526a325d3ece20eabcaadbfadae62977f6afa8b40f3ac83bff371a4e287b
-
Size
34KB
-
Sample
221126-k3j1asfg89
-
MD5
efe888af013f09d76f0c43d73ab3f0e9
-
SHA1
e0a7793b244eb1af732933a035c4150c94eac43a
-
SHA256
ac3b526a325d3ece20eabcaadbfadae62977f6afa8b40f3ac83bff371a4e287b
-
SHA512
62f3f81d667b302f0686ecbee3b70a0f7094d8c9269ccbb1bc3e224d2b6533505bac9a5db021524a380c610d530983370fccec5ae7680874cffc8e17549b93f8
-
SSDEEP
768:Ncm2wdRawt9YCqObgarB8ZU7XsSeuVeeP7Gi0S/+neKC9zaf+h5cnPQyf:48awt9hgaN/xVwflCtxhSQyf
Behavioral task
behavioral1
Sample
ac3b526a325d3ece20eabcaadbfadae62977f6afa8b40f3ac83bff371a4e287b.exe
Resource
win7-20221111-en
Malware Config
Extracted
pony
http://itzh4cked.byethost32.com/gate.php
Targets
-
-
Target
ac3b526a325d3ece20eabcaadbfadae62977f6afa8b40f3ac83bff371a4e287b
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-